Advisory Microsoft Patch Tuesday – March 2020

aeCERT One of Telecommunications Regulatory Authority (TRA) Initiatives P O Box 116688, Dubai, United Arab Emirates (UAE) www.aecert.ae | www.tra.gov.ae

Version: 1.0 Ref: ADV-19-019 Document Date: 11/03/2020

Document Details

Disclaimer

Whilst every effort has been made to ensure the accuracy of the information contained within this report, aeCERT and the TRA bear no liability or responsibility for any recommendations issued or inadvertent damages that could be caused by the recipient of this information.

Accessing third-party links in this advisory will direct you to an external website. Please note that aeCERT bears no responsibility for third-party website traffic. aeCERT will have no liability to the entities for the content or use of the content available through the hyperlinks that are referenced.

Contents

Contents 1

Summary 2

Details 2

Recommendations 11

References 11

1 | P a g e

Summary aeCERT has received the latest Microsoft security updates that aim to patch recent vulnerabilities discovered in their system. The release has impact on some Microsoft products. In order to protect windows from security risks, users should install latest update as soon as possible.

Details

Microsoft has released the monthly security update for the month of march. This update discloses many different vulnerabilities from many of Microsoft’s products. This patch is related to 117 vulnerabilities: • 25 of these are considered critical • 91 are also considered important

As such, due to the large number of critical and important vulnerabilities, this patch is very critical.

These are the vulnerabilities, as well as their severities.

Tag CVE ID CVE Title Severity

Service Fabric Elevation Azure CVE-2020-0902 Important of Privilege

Azure DevOps Server and Team Foundation Azure DevOps CVE-2020-0758 Important Services Elevation of Privilege Vulnerability Azure DevOps Server and Team Foundation Azure DevOps CVE-2020-0815 Important Services Elevation of Privilege Vulnerability Azure DevOps Server Azure DevOps CVE-2020-0700 Cross-site Scripting Important Vulnerability

Internet Explorer Internet Explorer CVE-2020-0824 Memory Corruption Critical Vulnerability

Scripting Engine Microsoft Browsers CVE-2020-0768 Memory Corruption Critical Vulnerability

2 | P a g e

Dynamics Business Microsoft Dynamics CVE-2020-0905 Central Remote Code Critical Execution Vulnerability

Microsoft Edge Memory Microsoft Edge CVE-2020-0816 Corruption Vulnerability Critical

Microsoft Exchange Microsoft Exchange CVE-2020-0903 Server Spoofing Important Server Vulnerability

Windows GDI Microsoft Graphics CVE-2020-0774 Information Disclosure Important Component Vulnerability

Microsoft Graphics Win32k Elevation of CVE-2020-0788 Important Component Privilege Vulnerability

Windows Graphics Microsoft Graphics CVE-2020-0791 Component Elevation of Important Component Privilege Vulnerability

Microsoft Graphics DirectX Elevation of CVE-2020-0690 Important Component Privilege Vulnerability

Windows Imaging Microsoft Graphics CVE-2020-0853 Component Information Important Component Disclosure Vulnerability

Microsoft Graphics Win32k Elevation of CVE-2020-0877 Important Component Privilege Vulnerability

Windows GDI Microsoft Graphics CVE-2020-0882 Information Disclosure Important Component Vulnerability

Microsoft Graphics GDI+ Remote Code CVE-2020-0883 Critical Component Execution Vulnerability

Microsoft Graphics GDI+ Remote Code CVE-2020-0881 Critical Component Execution Vulnerability

Windows GDI Microsoft Graphics CVE-2020-0880 Information Disclosure Important Component Vulnerability

Microsoft Graphics Win32k Elevation of CVE-2020-0887 Important Component Privilege Vulnerability

3 | P a g e

Windows Graphics Microsoft Graphics CVE-2020-0898 Component Elevation of Important Component Privilege Vulnerability

Windows Graphics Microsoft Graphics CVE-2020-0885 Component Information Important Component Disclosure Vulnerability

Microsoft Word Remote Microsoft Office CVE-2020-0850 Code Execution Important Vulnerability

Microsoft Word Remote Microsoft Office CVE-2020-0852 Code Execution Critical Vulnerability

Microsoft Word Remote Microsoft Office CVE-2020-0892 Code Execution Important Vulnerability

Microsoft Word Remote Microsoft Office CVE-2020-0851 Code Execution Important Vulnerability

Microsoft Word Remote Microsoft Office CVE-2020-0855 Code Execution Important Vulnerability

Microsoft SharePoint Microsoft Office CVE-2020-0795 Reflective XSS Important SharePoint Vulnerability

Microsoft SharePoint Microsoft Office CVE-2020-0891 Reflective XSS Important SharePoint Vulnerability

Microsoft Office Microsoft Office CVE-2020-0893 SharePoint XSS Important SharePoint Vulnerability

Microsoft Office Microsoft Office CVE-2020-0894 SharePoint XSS Important SharePoint Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0830 Memory Corruption Critical Engine Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0829 Memory Corruption Engine Critical Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0813 Information Disclosure Important Engine Vulnerability

4 | P a g e

Scripting Engine Microsoft Scripting CVE-2020-0826 Memory Corruption Engine Critical Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0827 Memory Corruption Engine Critical Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0825 Memory Corruption Engine Critical Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0831 Memory Corruption Engine Critical Vulnerability

Microsoft Scripting VBScript Remote Code CVE-2020-0847 Moderate Engine Execution Vulnerability

Chakra Scripting Engine Microsoft Scripting CVE-2020-0811 Memory Corruption Critical Engine Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0828 Memory Corruption Engine Critical Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0848 Memory Corruption Engine Critical Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0823 Memory Corruption Engine Critical Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0832 Memory Corruption Moderate Engine Vulnerability

Chakra Scripting Engine Microsoft Scripting CVE-2020-0812 Memory Corruption Critical Engine Vulnerability

Scripting Engine Microsoft Scripting CVE-2020-0833 Memory Corruption Critical Engine Vulnerability

Windows Work Folder Microsoft Windows CVE-2020-0897 Service Elevation of Important Privilege Vulnerability

Windows Hard Link Microsoft Windows CVE-2020-0896 Elevation of Privilege Important Vulnerability

5 | P a g e

Windows Network Connections Service Microsoft Windows CVE-2020-0871 Important Information Disclosure Vulnerability Windows GDI Microsoft Windows CVE-2020-0874 Information Disclosure Important Vulnerability

Win32k Information Microsoft Windows CVE-2020-0876 Important Disclosure Vulnerability

Windows Error Microsoft Windows CVE-2020-0775 Reporting Information Important Disclosure Vulnerability

Windows GDI Microsoft Windows CVE-2020-0879 Information Disclosure Important Vulnerability Diagnostics Hub Standard Collector Microsoft Windows CVE-2020-0793 Important Elevation of Privilege Vulnerability

Windows Elevation of Microsoft Windows CVE-2020-0776 Important Privilege Vulnerability

Media Foundation Microsoft Windows CVE-2020-0869 Memory Corruption Critical Vulnerability Windows Network Driver Interface Microsoft Windows CVE-2020-0861 Specification (NDIS) Important Information Disclosure Vulnerability Connected User Experiences and Microsoft Windows CVE-2020-0863 Telemetry Service Important Information Disclosure Vulnerability Windows ActiveX Installer Service Microsoft Windows CVE-2020-0860 Important Elevation of Privilege Vulnerability Windows Search Microsoft Windows CVE-2020-0857 Indexer Elevation of Important Privilege Vulnerability

Windows Elevation of Microsoft Windows CVE-2020-0858 Important Privilege Vulnerability

6 | P a g e

Windows Work Folder Microsoft Windows CVE-2020-0865 Service Elevation of Important Privilege Vulnerability

Windows Work Folder Microsoft Windows CVE-2020-0866 Service Elevation of Important Privilege Vulnerability

Windows Work Folder Microsoft Windows CVE-2020-0864 Service Elevation of Important Privilege Vulnerability

Media Foundation Microsoft Windows CVE-2020-0820 Information Disclosure Important Vulnerability

Windows Device Setup Microsoft Windows CVE-2020-0819 Manager Elevation of Important Privilege Vulnerability Windows Network Connections Service Microsoft Windows CVE-2020-0804 Important Elevation of Privilege Vulnerability Windows Installer Microsoft Windows CVE-2020-0779 Elevation of Privilege Important Vulnerability Windows Network Connections Service Microsoft Windows CVE-2020-0802 Important Elevation of Privilege Vulnerability Windows Network Connections Service Microsoft Windows CVE-2020-0803 Important Elevation of Privilege Vulnerability Windows Network Connections Service Microsoft Windows CVE-2020-0778 Important Elevation of Privilege Vulnerability Media Foundation Microsoft Windows CVE-2020-0809 Memory Corruption Critical Vulnerability Diagnostic Hub Standard Collector Microsoft Windows CVE-2020-0810 Important Elevation of Privilege Vulnerability Media Foundation Microsoft Windows CVE-2020-0807 Memory Corruption Critical Vulnerability

Provisioning Runtime Microsoft Windows CVE-2020-0808 Elevation of Privilege Important Vulnerability

7 | P a g e

Windows Work Folder Microsoft Windows CVE-2020-0797 Service Elevation of Important Privilege Vulnerability

Windows User Profile Microsoft Windows CVE-2020-0785 Service Elevation of Important Privilege Vulnerability

Windows Tile Object Microsoft Windows CVE-2020-0786 Service Denial of Important Service Vulnerability Windows Background Intelligent Transfer Microsoft Windows CVE-2020-0787 Important Service Elevation of Privilege Vulnerability Windows UPnP Service Microsoft Windows CVE-2020-0783 Elevation of Privilege Important Vulnerability

Windows Work Folder Microsoft Windows CVE-2020-0800 Service Elevation of Important Privilege Vulnerability

Media Foundation Microsoft Windows CVE-2020-0801 Memory Corruption Critical Vulnerability

Windows UPnP Service Microsoft Windows CVE-2020-0781 Elevation of Privilege Important Vulnerability

Windows Network List Microsoft Windows CVE-2020-0780 Service Elevation of Important Privilege Vulnerability

Windows Work Folder Microsoft Windows CVE-2020-0777 Service Elevation of Important Privilege Vulnerability

Windows Error Microsoft Windows CVE-2020-0772 Reporting Elevation of Important Privilege Vulnerability

Windows Hard Link Microsoft Windows CVE-2020-0849 Elevation of Privilege Important Vulnerability Windows Network Connections Service Microsoft Windows CVE-2020-0845 Important Elevation of Privilege Vulnerability

LNK Remote Code Microsoft Windows CVE-2020-0684 Critical Execution Vulnerability

8 | P a g e

Windows CSC Service Microsoft Windows CVE-2020-0769 Elevation of Privilege Important Vulnerability

Windows CSC Service Microsoft Windows CVE-2020-0771 Elevation of Privilege Important Vulnerability

Windows Hard Link Microsoft Windows CVE-2020-0841 Elevation of Privilege Important Vulnerability

Windows Hard Link Microsoft Windows CVE-2020-0840 Elevation of Privilege Important Vulnerability

Windows Error Microsoft Windows CVE-2020-0806 Reporting Elevation of Important Privilege Vulnerability

Windows Installer Microsoft Windows CVE-2020-0843 Elevation of Privilege Important Vulnerability Connected User Experiences and Microsoft Windows CVE-2020-0844 Telemetry Service Important Elevation of Privilege Vulnerability Windows Installer Microsoft Windows CVE-2020-0842 Elevation of Privilege Important Vulnerability

Remote Code Execution Open Source Software CVE-2020-0872 Vulnerability in Important Application Inspector Remote Desktop Connection Manager Other CVE-2020-0765 Moderate Information Disclosure Vulnerability Visual Studio Extension Visual Studio CVE-2020-0789 Installer Service Denial Important of Service Vulnerability

Microsoft Visual Studio Visual Studio CVE-2020-0884 Important Spoofing Vulnerability

Windows Defender Security Center Windows Defender CVE-2020-0763 Important Elevation of Privilege Vulnerability Windows Defender Security Center Windows Defender CVE-2020-0762 Important Elevation of Privilege Vulnerability

9 | P a g e

Windows Mobile Device Windows Diagnostic Management CVE-2020-0854 Important Hub Diagnostics Elevation of Privilege Vulnerability

Microsoft IIS Server Windows IIS CVE-2020-0645 Important Tampering Vulnerability

Windows Installer Windows Installer CVE-2020-0814 Elevation of Privilege Important Vulnerability Windows ActiveX Installer Service Windows Installer CVE-2020-0773 Important Elevation of Privilege Vulnerability Windows ActiveX Installer Service Windows Installer CVE-2020-0770 Important Elevation of Privilege Vulnerability Windows Language Windows Installer CVE-2020-0822 Pack Installer Elevation Important of Privilege Vulnerability Windows Modules Installer Service Windows Installer CVE-2020-0859 Important Information Disclosure Vulnerability Windows Update Orchestrator Service Windows Installer CVE-2020-0868 Important Elevation of Privilege Vulnerability Windows Installer Windows Installer CVE-2020-0798 Elevation of Privilege Important Vulnerability Windows Update Orchestrator Service Windows Installer CVE-2020-0867 Important Elevation of Privilege Vulnerability Windows ALPC Windows Kernel CVE-2020-0834 Elevation of Privilege Important Vulnerability

Windows Kernel Windows Kernel CVE-2020-0799 Elevation of Privilege Important Vulnerability

10 | P a g e

Recommendations

To avoid exploitation due to the presence of these vulnerabilities, we highly recommend to keep your system and programs updated with the latest security patches.

References

TerabitWeb Blog BleepingComputer

aeCERT Contact Info

P.O. Box 116688 Dubai, United Arab Emirates

Tel (+971) 4 777 4003 Fax (+971) 4 777 4100 Email incident[at]aeCERT.ae Instagram @TheUAETRA Twitter @TheUAETRA

For secure communications with aeCERT with regards to sensitive or vulnerability information please send your correspondences to incident[at]aeCERT.ae

11 | P a g e