NEW THREAT OVERVIEW | PREVIOUS THREATS UPDATES | THREAT DETAILS
EXECUTIVE SUMMARY March 10, 2020 | MTIS20-010
Since the last McAfee® Labs Security Advisory (February 12), the following noteworthy event has taken place:
Patches are available for multiple Microsoft security vulnerabilities
NEW THREAT OVERVIEW (MSPT-Mar2020) Microsoft IIS Server improperly handles Malformed Request Headers Privilege Escalation (CVE- 2020-0645) MTIS20-010-A IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows .LNK file Remote Code Execution (CVE-2020-0684) MTIS20-010-B IMPORTANCE: High COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft DirectX improperly handles Objects in Memory Privilege Escalation (CVE-2020-0690) MTIS20-010-C IMPORTANCE: Medium COVERED PRODUCTS: DAT | Web Gateway UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Visual Studio improperly handles Pipeline Job Tokens Privilege Escalation (CVE-2020- 0758) MTIS20-010-D IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Defender Handles Certain Objects in Memory Privilege Escalation (CVE-2020-0762) MTIS20-010-E IMPORTANCE: Medium COVERED PRODUCTS:
Security Advisory MTIS20-010 - Page 1 of 19 UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Defender Handles Certain Objects in Memory Privilege Escalation (CVE-2020-0763) MTIS20-010-F IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft RDCMan Improperly Parses XML Information Disclosure (CVE-2020-0765) MTIS20-010-G IMPORTANCE: Low COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Browsers Access Objects in Memory Remote Code Execution (CVE-2020-0768) MTIS20-010-H IMPORTANCE: High COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows CSC Service Privilege Escalation (CVE-2020-0769) MTIS20-010-I IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows ActiveX Installer Service Privilege Escalation (CVE-2020-0770) MTIS20-010-J IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows CSC Service Privilege Escalation (CVE-2020-0771) MTIS20-010-K IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows Error Reporting Privilege Escalation (CVE-2020-0772) MTIS20-010-L IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
Security Advisory MTIS20-010 - Page 2 of 19
(MSPT-Mar2020) Microsoft Windows ActiveX Installer Service Privilege Escalation (CVE-2020-0773) MTIS20-010-M IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows GDI Information Disclosure (CVE-2020-0774) MTIS20-010-N IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows Error Reporting Privilege Escalation (CVE-2020-0775) MTIS20-010-O IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows AppX Deployment Extensions Privilege Escalation (CVE-2020-0776) MTIS20-010-P IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows Work Folder Service Privilege Escalation (CVE-2020-0777) MTIS20-010-Q IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows Network Connections Service Privilege Escalation (CVE-2020-0778) MTIS20-010-R IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows Installer Privilege Escalation (CVE-2020-0779) MTIS20-010-S IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows Network List Service Privilege Escalation (CVE-2020-0780) MTIS20-010-T IMPORTANCE: Medium COVERED PRODUCTS:
Security Advisory MTIS20-010 - Page 3 of 19 UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows UPnP Privilege Escalation (CVE-2020-0781) MTIS20-010-U IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows UPnP Privilege Escalation (CVE-2020-0783) MTIS20-010-V IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows ProfSvc Privilege Escalation (CVE-2020-0785) MTIS20-010-W IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows BITS Privilege Escalation (CVE-2020-0787) MTIS20-010-X IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Windows Win32k Privilege Escalation (CVE-2020-0788) MTIS20-010-Y IMPORTANCE: Medium COVERED PRODUCTS: DAT | Web Gateway UNDER ANALYSIS: Firewall Enterprise
Back to top
(MSPT-Mar2020) Microsoft Azure DevOps Server Improperly Sanitize User Provided Input Remote Code Execution (CVE-2020-0700) MTIS20-010-Z IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS:
Back to top
THREAT DETAILS (MSPT-Mar2020) Microsoft IIS Server improperly handles Malformed Request Headers Privilege Escalation (CVE- 2020-0645) MTIS20-010-A THREAT IDENTIFIER(S) CVE-2020-0645 THREAT TYPE Vulnerability
Security Advisory MTIS20-010 - Page 4 of 19 RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft IIS Server could lead to privilege DESCRIPTION escalation. The flaw lies in the improperly handles malformed request headers. Successful exploitation could allow a local user to gain elevated privileges. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE DAT FILES Out of scope
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows .LNK file Remote Code Execution (CVE-2020-0684) MTIS20-010-B THREAT IDENTIFIER(S) CVE-2020-0684
THREAT TYPE Vulnerability RISK ASSESSMENT High
MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED Yes A vulnerability in some versions of Microsoft Windows could lead to remote code execution. The flaw lies in the .LNK file component. Successful exploitation by a DESCRIPTION remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. IMPORTANCE High. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE
DAT FILES Coverage not warranted at this time VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY Coverage not warrantedat this time REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Security Advisory MTIS20-010 - Page 5 of 19 Back to top
(MSPT-Mar2020) Microsoft DirectX improperly handles Objects in Memory Privilege Escalation (CVE-2020-0690) MTIS20-010-C THREAT IDENTIFIER(S) CVE-2020-0690
THREAT TYPE Vulnerability RISK ASSESSMENT Medium MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft DirectX could lead to privilege escalation. The flaw lies in the improperly handles objects in memory. Successful exploitation DESCRIPTION could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE
DAT FILES An upcoming VIL content release will contain coverage for this issue. VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend
WEB GATEWAY An upcoming MWGW content release will contain coverage for this issue.
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Visual Studio improperly handles Pipeline Job Tokens Privilege Escalation (CVE-2020- 0758) MTIS20-010-D THREAT IDENTIFIER(S) CVE-2020-0758
THREAT TYPE Vulnerability
RISK ASSESSMENT Medium MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Visual Studio could lead to privilege escalation. The flaw lies in the improperly handles pipeline job tokens component. DESCRIPTION Successful exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER No Coverage Status WEB GATEWAY Out of scope REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
Security Advisory MTIS20-010 - Page 6 of 19 NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Defender Handles Certain Objects in Memory Privilege Escalation (CVE-2020-0762) MTIS20-010-E THREAT IDENTIFIER(S) CVE-2020-0762 THREAT TYPE Vulnerability
RISK ASSESSMENT Medium MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Defender could lead to privilege escalation. The flaw lies in handles certain objects in memory. Successful exploitation DESCRIPTION could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE
DAT FILES Out of scope
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend
WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Defender Handles Certain Objects in Memory Privilege Escalation (CVE-2020-0763) MTIS20-010-F THREAT IDENTIFIER(S) CVE-2020-0763 THREAT TYPE Vulnerability RISK ASSESSMENT Medium MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Defender could lead to privilege escalation. The flaw lies in handles certain objects in memory. Successful exploitation DESCRIPTION could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
Security Advisory MTIS20-010 - Page 7 of 19 HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend
WEB GATEWAY Out of scope REMEDIATION MANAGER Not applicable
POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft RDCMan Improperly Parses XML Information Disclosure (CVE-2020-0765) MTIS20-010-G THREAT IDENTIFIER(S) CVE-2020-0765 THREAT TYPE Vulnerability
RISK ASSESSMENT Low
MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED Yes A vulnerability in some versions of Microsoft RDCMan could lead to information disclosure. The flaw lies in improperly parses XML. Successful exploitation by a remote DESCRIPTION attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document. IMPORTANCE Low. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE
DAT FILES Coverage not warranted at this time VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER No Coverage Status
WEB GATEWAY Coverage not warrantedat this time
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Browsers Access Objects in Memory Remote Code Execution (CVE-2020-0768) MTIS20-010-H THREAT IDENTIFIER(S) CVE-2020-0768 THREAT TYPE Vulnerability RISK ASSESSMENT High MAIN THREAT VECTORS Web USER INTERACTION REQUIRED Yes A vulnerability in some versions of Microsoft Browsers could lead to remote code
Security Advisory MTIS20-010 - Page 8 of 19 execution. The flaw lies in access objects in memory. Successful exploitation by a DESCRIPTION remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. IMPORTANCE High. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE DAT FILES Coverage not warranted at this time
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER No Coverage Status WEB GATEWAY Coverage not warrantedat this time
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows CSC Service Privilege Escalation (CVE-2020-0769) MTIS20-010-I THREAT IDENTIFIER(S) CVE-2020-0769
THREAT TYPE Vulnerability
RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the CSC Service component. Successful exploitation could DESCRIPTION allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE
DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows ActiveX Installer Service Privilege Escalation (CVE-2020-0770)
Security Advisory MTIS20-010 - Page 9 of 19 MTIS20-010-J THREAT IDENTIFIER(S) CVE-2020-0770 THREAT TYPE Vulnerability RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the ActiveX Installer Service component. Successful DESCRIPTION exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE DAT FILES Out of scope
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows CSC Service Privilege Escalation (CVE-2020-0771) MTIS20-010-K THREAT IDENTIFIER(S) CVE-2020-0771
THREAT TYPE Vulnerability
RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the CSC Service component. Successful exploitation could DESCRIPTION allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope
Security Advisory MTIS20-010 - Page 10 of 19 VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows Error Reporting Privilege Escalation (CVE-2020-0772) MTIS20-010-L THREAT IDENTIFIER(S) CVE-2020-0772 THREAT TYPE Vulnerability
RISK ASSESSMENT Medium MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Error Reporting component. Successful exploitation DESCRIPTION could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE
DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable
POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows ActiveX Installer Service Privilege Escalation (CVE-2020-0773) MTIS20-010-M THREAT IDENTIFIER(S) CVE-2020-0773 THREAT TYPE Vulnerability RISK ASSESSMENT Medium MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the ActiveX Installer Service component. Successful DESCRIPTION exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope
Security Advisory MTIS20-010 - Page 11 of 19 REMEDIATION MANAGER Not applicable
POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows GDI Information Disclosure (CVE-2020-0774) MTIS20-010-N THREAT IDENTIFIER(S) CVE-2020-0774
THREAT TYPE Vulnerability RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web USER INTERACTION REQUIRED Yes A vulnerability in some versions of Microsoft Windows could lead to information disclosure. The flaw lies in the GDI component. Successful exploitation by a remote DESCRIPTION attacker could result in the disclosure of sensitive information. The exploit requires the user to open a vulnerable website, email or document. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE
DAT FILES Coverage not warranted at this time
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend
WEB GATEWAY Coverage not warrantedat this time
REMEDIATION MANAGER Not applicable
POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows Error Reporting Privilege Escalation (CVE-2020-0775) MTIS20-010-O THREAT IDENTIFIER(S) CVE-2020-0775 THREAT TYPE Vulnerability RISK ASSESSMENT Medium MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Error Reporting component. Successful exploitation DESCRIPTION could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE
Security Advisory MTIS20-010 - Page 12 of 19 DAT FILES Out of scope
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows AppX Deployment Extensions Privilege Escalation (CVE-2020-0776) MTIS20-010-P THREAT IDENTIFIER(S) CVE-2020-0776
THREAT TYPE Vulnerability RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the AppX Deployment Extensions component. Successful DESCRIPTION exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE
DAT FILES Out of scope
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend
WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows Work Folder Service Privilege Escalation (CVE-2020-0777) MTIS20-010-Q THREAT IDENTIFIER(S) CVE-2020-0777 THREAT TYPE Vulnerability RISK ASSESSMENT Medium
Security Advisory MTIS20-010 - Page 13 of 19 MAIN THREAT VECTORS Web USER INTERACTION REQUIRED Yes A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Work Folder Service component. Successful exploitation DESCRIPTION could allow a local user to gain elevated privileges. The exploit requires the user to open a vulnerable website, email or document. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE DAT FILES Coverage not warranted at this time VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend WEB GATEWAY Coverage not warrantedat this time REMEDIATION MANAGER Not applicable
POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows Network Connections Service Privilege Escalation (CVE-2020-0778) MTIS20-010-R THREAT IDENTIFIER(S) CVE-2020-0778
THREAT TYPE Vulnerability RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Network Connections Service component. Successful DESCRIPTION exploitation could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE
DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Security Advisory MTIS20-010 - Page 14 of 19 Back to top
(MSPT-Mar2020) Microsoft Windows Installer Privilege Escalation (CVE-2020-0779) MTIS20-010-S THREAT IDENTIFIER(S) CVE-2020-0779
THREAT TYPE Vulnerability RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Installer component. Successful exploitation could allow DESCRIPTION a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope REMEDIATION MANAGER Not applicable
POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows Network List Service Privilege Escalation (CVE-2020-0780) MTIS20-010-T THREAT IDENTIFIER(S) CVE-2020-0780
THREAT TYPE Vulnerability
RISK ASSESSMENT Medium MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Network List Service component. Successful exploitation DESCRIPTION could allow a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
Security Advisory MTIS20-010 - Page 15 of 19 FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows UPnP Privilege Escalation (CVE-2020-0781) MTIS20-010-U THREAT IDENTIFIER(S) CVE-2020-0781
THREAT TYPE Vulnerability RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the UPnP component. Successful exploitation could allow a DESCRIPTION local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE
DAT FILES Out of scope
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend
WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable
POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows UPnP Privilege Escalation (CVE-2020-0783) MTIS20-010-V THREAT IDENTIFIER(S) CVE-2020-0783 THREAT TYPE Vulnerability RISK ASSESSMENT Medium MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the UPnP component. Successful exploitation could allow a DESCRIPTION local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability MCAFEE PRODUCT COVERAGE DAT FILES Out of scope VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope
Security Advisory MTIS20-010 - Page 16 of 19 NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue.
NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows ProfSvc Privilege Escalation (CVE-2020-0785) MTIS20-010-W THREAT IDENTIFIER(S) CVE-2020-0785 THREAT TYPE Vulnerability RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the ProfSvc component. Successful exploitation could allow DESCRIPTION a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE
DAT FILES Out of scope
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend
WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable
POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis
APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows BITS Privilege Escalation (CVE-2020-0787) MTIS20-010-X THREAT IDENTIFIER(S) CVE-2020-0787 THREAT TYPE Vulnerability RISK ASSESSMENT Medium MAIN THREAT VECTORS Web USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege
Security Advisory MTIS20-010 - Page 17 of 19 escalation. The flaw lies in the BITS component. Successful exploitation could allow a DESCRIPTION local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE DAT FILES Out of scope
VIRUS SCAN ENTERPRISE SCAN BOP Out of scope HOST IPS Out of scope NETWORK SECURITY PLATFORM Coverage not warranted
VULNERABILITY MANAGER Pend WEB GATEWAY Out of scope
REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue.
FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope
DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Windows Win32k Privilege Escalation (CVE-2020-0788) MTIS20-010-Y THREAT IDENTIFIER(S) CVE-2020-0788
THREAT TYPE Vulnerability
RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web
USER INTERACTION REQUIRED No A vulnerability in some versions of Microsoft Windows could lead to privilege escalation. The flaw lies in the Win32k component. Successful exploitation could allow DESCRIPTION a local user to gain elevated privileges. The exploit requires the attacker to have valid credentials to the vulnerable system. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE
DAT FILES An upcoming VIL content release will contain coverage for this issue. VIRUS SCAN ENTERPRISE SCAN BOP Out of scope
HOST IPS Out of scope
NETWORK SECURITY PLATFORM Coverage not warranted VULNERABILITY MANAGER Pend WEB GATEWAY An upcoming MWGW content release will contain coverage for this issue. REMEDIATION MANAGER Not applicable POLICY AUDITOR An upcoming SCAP content release will contain coverage for this issue. NETWORK ACCESS CONTROL An upcoming SCAP content release will contain coverage for this issue. FIREWALL ENTERPRISE Under analysis APPLICATION CONTROL Out of scope DATABASE ACTIVITY MONITORING Out of scope VULNERABILITY MANAGER FOR Out of scope DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
(MSPT-Mar2020) Microsoft Azure DevOps Server Improperly Sanitize User Provided Input Remote Code Execution
Security Advisory MTIS20-010 - Page 18 of 19 (CVE-2020-0700) MTIS20-010-Z THREAT IDENTIFIER(S) CVE-2020-0700
THREAT TYPE Vulnerability RISK ASSESSMENT Medium
MAIN THREAT VECTORS Web USER INTERACTION REQUIRED Yes A vulnerability in some versions of Microsoft Azure DevOps Server could lead to remote code execution. The flaw lies in improperly sanitize user provided input. DESCRIPTION Successful exploitation by a remote attacker could result in the execution of arbitrary code. The exploit requires the user to open a vulnerable website, email or document. IMPORTANCE Medium. On March 10, Microsoft released an update to address this vulnerability
MCAFEE PRODUCT COVERAGE DAT FILES No Coverage Status VIRUS SCAN ENTERPRISE SCAN BOP No Coverage Status
HOST IPS No Coverage Status NETWORK SECURITY PLATFORM No Coverage Status
VULNERABILITY MANAGER No Coverage Status WEB GATEWAY No Coverage Status REMEDIATION MANAGER No Coverage Status POLICY AUDITOR No Coverage Status
NETWORK ACCESS CONTROL No Coverage Status
FIREWALL ENTERPRISE No Coverage Status
APPLICATION CONTROL No Coverage Status
DATABASE ACTIVITY MONITORING No Coverage Status VULNERABILITY MANAGER FOR No Coverage Status DATABASES ADDITIONAL INFORMATION Microsoft: Security Update Summary
Back to top
For McAfee Technical Support, click here.
For Multi-National Phone Support, click here.
McAfee values your feedback on this Security Advisory. Please reply to this mail with your comments.
*The information provided is only for the use and convenience of McAfee's customers in connection with their McAfee products, and applies only to the threats described herein. McAfee product coverage statements are limited to known attack vectors and should not be considered comprehensive. THE INFORMATION PROVIDED HEREIN IS PROVIDED "AS IS" AND IS SUBJECT TO CHANGE WITHOUT NOTICE.
The information contained herein is the property of McAfee, LLC and may not be reproduced or disseminated without the expressed written consent of McAfee, LLC.
McAfee and the McAfee logo are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the US and other countries. Other marks and brands may be claimed as the property of others.
McAfee, Inc. 2821 Mission College Blvd, Santa Clara, CA 95054 888.847.8766 www.mcafee.com
® 2018 McAfee, LLC. All rights reserved.
Security Advisory MTIS20-010 - Page 19 of 19