{"id":8754,"date":"2020-12-11T12:45:46","date_gmt":"2020-12-11T19:45:46","guid":{"rendered":"https:\/\/webdev.securin.xyz\/?post_type=patch_watch&#038;p=8754"},"modified":"2023-03-03T14:24:28","modified_gmt":"2023-03-03T21:24:28","slug":"november-2020-patch-watch-digest","status":"publish","type":"patch_watch","link":"https:\/\/webdev.securin.xyz\/patch_watch\/november-2020-patch-watch-digest\/","title":{"rendered":"November 2020: Patch Watch Digest"},"content":{"rendered":"<p dir=\"ltr\"><img decoding=\"async\" style=\"width: 891px; height: 500px;\" src=\"\/wp-content\/uploads\/2022\/10\/highlights-for-november-2020-1.png\" alt=\"\" \/><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><strong>Highlights of November Digest<\/strong><\/span><\/span><\/p>\n<ul>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><strong><a href=\"#Known Exploits\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">27 vendors have released security updates for 947 vulnerabilities and among them 66 CVEs have known exploits.<\/span><\/span><\/a><\/strong><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><strong><a href=\"#CISA Alerts\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">CISA has released an alert for 86 vulnerabilities that got patched this month.<\/span><\/span><\/a><\/strong><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><strong><a href=\"#Microsoft Patches\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Microsoft fixed\u00a0112 security bugs with 17 critical CVEs.<\/span><\/span><\/a><\/strong><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><strong><a href=\"#Old CVEs\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">171 Old vulnerabilities have been patched this month and 5 CVEs have RCE and PE capabilities.<\/span><\/span><\/a><\/strong><\/p>\n<\/li>\n<\/ul>\n<ol>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><a id=\"Known Exploits\" name=\"Known Exploits\"><\/a>We have 66 CVEs that were associated with known exploits. Here is our analysis &#8211;<\/span><\/span><\/p>\n<\/li>\n<\/ol>\n<ul style=\"margin-left: 40px;\">\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">20 CVEs have Remote code Execution flaws<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">3 CVEs have PE Capabilities<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">29 CVEs are Web app exploits<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">5 CVEs can be exploitable in any form<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">6 CVEs are associated with Denial of Service<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">2 CVEs are linked with Local exploits, and 1 CVE can be exploited in the form of File upload.<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><img decoding=\"async\" style=\"width: 500px; height: 326px;\" src=\"https:\/\/lh3.googleusercontent.com\/ehFpBm1Nqitv9De6XB54MyP5oVJAMY3TfBb-nazpfwvvyKWbT07_ICq_mbB4To7A7izNJWhd9Y60gVQ6OKBhNUa7UP-kUrWx4PyZmBk95q_tP3IORM0XmSYgb88w3w\" \/><\/span><\/span><\/p>\n<p dir=\"ltr\">\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrVv4GFRCWmhLBse?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 14px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><strong>Table 1: Weaponized Vulnerabilities<\/strong><\/span><\/span><\/p>\n<ol start=\"2\">\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><a id=\"CISA Alerts\" name=\"CISA Alerts\"><\/a>CISA had earlier released a warning alert for 86 vulnerabilities.<\/span><\/span><\/p>\n<\/li>\n<\/ol>\n<ul style=\"margin-left: 40px;\">\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Out of 86 CVEs, 11 are publicly exploitable vulnerabilities.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">5 CVEs are ranked critical, 15 with high severity, 40 of medium, 13 of low severity, and 13 with unknown severity.<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><img decoding=\"async\" style=\"width: 490px; height: 378px;\" src=\"https:\/\/lh6.googleusercontent.com\/eqeini7koFht_AN79uFFoaEjUxY-1RdcbeXUPmrXHUF5Op9GsfD6vBo7hgx6M2Axe_535tFNGCq1LxqJJRVMyWDAXozxGCAOIJmoztGVUQ7SnpxTIYpDHueFpeUvRA\" \/><\/span><\/span><\/p>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrVv4GFRCWmhLBse?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 14px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><strong>Table 2: CISA Alerts<\/strong><\/span><\/span><\/p>\n<ol start=\"3\">\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><a id=\"Microsoft Patches\" name=\"Microsoft Patches\"><\/a>Microsoft has plugged\u00a0112 security bugs.<\/span><\/span><\/p>\n<\/li>\n<\/ol>\n<ul style=\"margin-left: 40px;\">\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">24 CVEs\u00a0are associated with\u00a0Remote Code Execution\u00a0hence patching these would be optimum.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Of these,\u00a017\u00a0are critical, 93 are important, and two are low in severity.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-17087\">CVE-2020-17087<\/a> &#8211; This is a Zero-day bug, an actively exploitable vulnerability with PE capabilities.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-17087\">CVE-2020-17087<\/a>\u00a0exists in Windows Kernel Cryptography Driver, which facilitates a locally accessible attack surface.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">When CVE-2020-15999 (a type of memory-corruption vulnerability) and\u00a0<a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2020-17087\">CVE-2020-17087<\/a>\u00a0are linked together, it would allow an attacker to break out of Google Chrome\u2019s sandbox.\u00a0<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrac6ulIKAATCcZL?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 14px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><strong>Table 3: Microsoft November Patches<\/strong><\/span><\/span><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><img decoding=\"async\" style=\"width: 500px; height: 386px;\" src=\"https:\/\/lh4.googleusercontent.com\/9laLkKYMj3yLmiGhAiwErtiQkXD3s9kDFQB9XJOHJsqWlw6NdKiH8tTbPIW-J9IrCMhLrz-UYyYFQsVijDSBnwTJl75AJpj0yyIYVZ0Sw5ql0uTyWlPis1h5FvK4cQ\" \/><\/span><\/span><\/p>\n<ol start=\"4\">\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><a id=\"Old CVEs\" name=\"Old CVEs\"><\/a>We have 171 old vulnerabilities patched for this month.<\/span><\/span><\/p>\n<\/li>\n<\/ol>\n<ul style=\"margin-left: 40px;\">\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">CVE-2018-7600 is associated with the Sea turtle APT group and Satan ransomware.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">22 CVEs are weaponized with publicly known exploits.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">6 CVEs are rated critical, 37 are high, and 100 are medium.<\/span><\/span><\/p>\n<\/li>\n<li dir=\"ltr\">\n<p dir=\"ltr\" role=\"presentation\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">17 CVEs have been issued a warning alert by CISA.<\/span><\/span><\/p>\n<\/li>\n<\/ul>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><img decoding=\"async\" style=\"width: 500px; height: 386px;\" src=\"https:\/\/lh4.googleusercontent.com\/WO2W3_S8HEQchUJM_X-wuw6lNiCqzrBJkFXrDyihabgiYxplhTmrB9PRjOhCgP7eVF8hOqsWjvsk7FkJaDqOSWpv-CeSyzZs7Ib8-4HDnjbAZJzYkMKFn_AXP2Rgyg\" \/><\/span><\/span><\/p>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrouEBTC0CO3YpQj?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 14px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><strong>Table 4: Old Vulnerabilities<\/strong><\/span><\/span><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">According to the <a href=\"https:\/\/www.bitdefender.com\/files\/News\/CaseStudies\/study\/378\/Bitdefender-Whitepaper-2020-Business-Threat-Landscape-Report.pdf\">Threat landscape report<\/a>, 63% of unpatched vulnerabilities belong to 2018 and earlier period. Therefore, organizations are recommended to adopt patch management solutions as early as possible.\u00a0<\/span><\/span><\/p>\n<p><iframe class=\"airtable-embed\" style=\"background: transparent; border: 1px solid #ccc;\" src=\"https:\/\/airtable.com\/embed\/shrEbp2yaLTxCc8fM?backgroundColor=purple&amp;viewControls=on\" width=\"100%\" height=\"533\" frameborder=\"0\"><\/iframe><\/p>\n<p dir=\"ltr\"><span style=\"font-size: 14px;\"><span style=\"font-family: verdana,geneva,sans-serif;\"><strong>Table 5: Vulnerabilities yet to be weaponized<\/strong><\/span><\/span><\/p>\n<p><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Cybercriminals often target unpatched vulnerabilities and publicly known exploits to deploy cyberattacks. Maintain good cyber hygiene practices by patching or upgrading vulnerable systems and stay safe.\u00a0\u00a0<\/span><\/span><\/p>\n<p><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Happy Patching<\/span><\/span><\/p>\n<p><span style=\"font-size: 16px;\"><span style=\"font-family: verdana,geneva,sans-serif;\">Team CSW<\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Highlights of November Digest 27 vendors have released security updates for 947 vulnerabilities and among them 66 CVEs have known exploits. CISA has released an alert for 86 vulnerabilities that got patched this month. Microsoft fixed\u00a0112 security bugs with 17 critical CVEs. 171 Old vulnerabilities have been patched this month and 5 CVEs have RCE [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":14443,"parent":0,"menu_order":0,"template":"","meta":{"content-type":""},"patch_category":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch\/8754"}],"collection":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_watch"}],"about":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/types\/patch_watch"}],"author":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/users\/1"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media\/14443"}],"wp:attachment":[{"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/media?parent=8754"}],"wp:term":[{"taxonomy":"patch_category","embeddable":true,"href":"https:\/\/webdev.securin.xyz\/wp-json\/wp\/v2\/patch_category?post=8754"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}