Microsoft Patch Tuesday for June: 129 vulnerabilities fixed, including 11 critical
In June, Microsoft released fixes for 129 CVEs, including 11 critical ones.
Satnam Narang, Principal Research Engineer, Tenable, comments:
“Microsoft is continuing its run of patch releases addressing more than 100 CVEs, as the Patch Tuesday release for June 2020 contains fixes for 129 CVEs, 11 of which are rated critical. For the second consecutive month, none of the fixed vulnerabilities had been exploited in the wild or publicly disclosed.
This month there is notably a trio of fixes for Microsoft Server Message Block (SMB) vulnerabilities, two of which reside in version 3.1.1 of SMB (SMBv3). All three vulnerabilities are rated ‘Exploitation More Likely’ on Microsoft’s exploitability index.
These include a denial of service vulnerability (CVE-2020-1284) and an information disclosure vulnerability (CVE-2020-1206) in SMBv3. The first can be exploited by an unauthenticated remote attacker, while the second requires the attacker to be authenticated. These SMBv3 flaws follow in the footsteps of CVE-2020-0796, an unauthenticated remote code execution flaw in SMBv3 that was fixed last March and that we have since observed being exploited in the wild.
CVE-2020-1301 completes the trio of Microsoft Server Message Block vulnerabilities. It is a remote code execution vulnerability in SMBv1. This may give an impression of déjà vu, because it recalls EternalBlue, another remote code execution vulnerability in SMBv1 that was used in the WannaCry ransomware attacks in 2017. The difference between the two, however, is that EternalBlue could be exploited by an unauthenticated attacker, whereas this flaw requires authentication, according to Microsoft. The vulnerability affects Windows 7 and Windows 2008, both of which reached end of support in January 2020. Microsoft has nevertheless released fixes for both operating systems. Despite this, we strongly recommend disabling SMBv1, as it is a protocol that should no longer be used. Upgrading from Windows 7 and Windows 2008 is also recommended, as Microsoft rarely releases security patches for operating systems that are no longer officially supported.”
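The recommendation above to disable SMBv1 can be audited and applied with the following PowerShell script, an added example that is not part of the article or of Tenable's or Microsoft's own tooling. It assumes an elevated session; on Windows 8 / Server 2012 and later it uses the SmbShare cmdlets, and on Windows 7 / Server 2008 R2, which lack that module, it falls back to the documented LanmanServer registry value.

```powershell
# Added example (not from the article): report whether SMBv1 is enabled on the
# server side and, when run with -Disable, turn it off. Run as Administrator.
param([switch]$Disable)

# Registry location that controls SMB1 on the server side (Windows 7 / 2008 R2 path).
$regPath = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'

if (Get-Command Get-SmbServerConfiguration -ErrorAction SilentlyContinue) {
    # Windows 8 / Server 2012 and later: ask the SMB server directly.
    $cfg = Get-SmbServerConfiguration
    Write-Host ("SMB1 enabled: {0}  SMB2/3 enabled: {1}" -f $cfg.EnableSMB1Protocol, $cfg.EnableSMB2Protocol)

    if ($Disable -and $cfg.EnableSMB1Protocol) {
        # Switch the protocol off in the running server configuration.
        Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force

        # Also remove the optional SMB1 component so it is uninstalled, not just disabled.
        $feat = Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -ErrorAction SilentlyContinue
        if ($feat -and $feat.State -eq 'Enabled') {
            Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
        }
        Write-Host 'SMB1 disabled; a restart completes removal of the component.'
    }
} else {
    # Windows 7 / Server 2008 R2: no SmbShare module, so read the registry value.
    # An absent SMB1 value means the protocol is enabled by default.
    $val = (Get-ItemProperty -Path $regPath -Name SMB1 -ErrorAction SilentlyContinue).SMB1
    $enabled = ($null -eq $val) -or ($val -ne 0)
    Write-Host "SMB1 enabled (registry): $enabled"

    if ($Disable -and $enabled) {
        Set-ItemProperty -Path $regPath -Name SMB1 -Type DWORD -Value 0 -Force
        Write-Host 'SMB1 set to disabled in the registry; restart the server to apply.'
    }
}
```

Save it as a .ps1 file and run it without arguments to audit, or with `-Disable` to apply the change; verify afterwards that nothing in the environment still depends on SMBv1 before restarting.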