Microsoft Security Bulletin Coverage for November 2020

By

SonicWall Capture Labs threat research team has analyzed and addressed Microsoft’s security advisories for the month of November 2020. A list of issues reported, along with SonicWall coverage information are as follows:

CVE-2020-16998 DirectX Elevation of Privilege Vulnerability
ASPY 5907:Malformed-File exe.MP.131

CVE-2020-17010 Win32k Elevation of Privilege Vulnerability
ASPY 125:Malformed-File exe.MP.165
CVE-2020-17038 Win32k Elevation of Privilege Vulnerability
ASPY 124:Malformed-File exe.MP.164

CVE-2020-17047 Windows Network File System Denial of Service Vulnerability
IPS 15220:Windows Network File System Denial of Service (CVE-2020-17047)

CVE-2020-17051 Windows Network File System Remote Code Execution Vulnerability
IPS 15223:Windows Network File System Remote Code Execution (CVE-2020-17051)

CVE-2020-17052 Scripting Engine Memory Corruption Vulnerability
IPS 15221:Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)

CVE-2020-17053 Internet Explorer Memory Corruption Vulnerability
IPS 15222:Internet Explorer Memory Corruption Vulnerability (CVE-2020-17053)

CVE-2020-17056 Windows Network File System Information Disclosure Vulnerability
IPS 15226:Windows NFS Information Disclosure (CVE-2020-17056)

CVE-2020-17057 Windows Win32k Elevation of Privilege Vulnerability
ASPY 123:Malformed-File exe.MP.161

CVE-2020-17061 Microsoft SharePoint Remote Code Execution Vulnerability
ASPY 126:Malformed-File exe.MP.166
IPS 15224: Microsoft SharePoint Remote Code Execution (CVE-2020-17061) 1
IPS 15225: Microsoft SharePoint Remote Code Execution (CVE-2020-17061) 2

CVE-2020-17087 Windows Kernel Local Elevation of Privilege Vulnerability
ASPY 117:Malformed-File exe.OT.1
GAV:CVE-2020-17087

CVE-2020-17088 Windows Common Log File System Driver Elevation of Privilege Vulnerability
ASPY 122:Malformed-File exe.MP.160

Following vulnerabilities do not have exploits in the wild :
CVE-2020-1325 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2020-1599 Windows Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2020-16970 Azure Sphere Unsigned Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16979 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16981 Azure Sphere Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16982 Azure Sphere Unsigned Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16983 Azure Sphere Tampering Vulnerability
There are no known exploits in the wild.
CVE-2020-16984 Azure Sphere Unsigned Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16985 Azure Sphere Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16986 Azure Sphere Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-16987 Azure Sphere Unsigned Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16988 Azure Sphere Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16989 Azure Sphere Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16990 Azure Sphere Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16991 Azure Sphere Unsigned Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16992 Azure Sphere Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16993 Azure Sphere Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-16994 Azure Sphere Unsigned Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-16997 Remote Desktop Protocol Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-16999 Windows WalletService Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17000 Remote Desktop Protocol Client Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17001 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17004 Windows Graphics Component Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17005 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2020-17006 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2020-17007 Windows Error Reporting Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17011 Windows Port Class Library Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17012 Windows Bind Filter Driver Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17013 Win32k Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17014 Windows Print Spooler Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17015 Microsoft SharePoint Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2020-17016 Microsoft SharePoint Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2020-17017 Microsoft SharePoint Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17018 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2020-17019 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17020 Microsoft Word Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-17021 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
There are no known exploits in the wild.
CVE-2020-17024 Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17025 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17026 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17027 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17028 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17029 Windows Canonical Display Driver Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17030 Windows MSCTF Server Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17031 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17032 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17033 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17034 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17035 Windows Kernel Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17036 Windows Function Discovery SSDP Provider Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17037 Windows WalletService Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17040 Windows Hyper-V Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-17041 Windows Print Configuration Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17042 Windows Print Spooler Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17043 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17044 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17045 Windows KernelStream Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17046 Windows Error Reporting Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-17048 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-17049 Kerberos Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-17054 Chakra Scripting Engine Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-17055 Windows Remote Access Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17058 Microsoft Browser Memory Corruption Vulnerability
There are no known exploits in the wild.
CVE-2020-17060 Microsoft SharePoint Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2020-17062 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17063 Microsoft Office Online Spoofing Vulnerability
There are no known exploits in the wild.
CVE-2020-17064 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17065 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17066 Microsoft Excel Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17067 Microsoft Excel Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-17068 Windows GDI+ Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17069 Windows NDIS Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17070 Windows Update Medic Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17071 Windows Delivery Optimization Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17073 Windows Update Orchestrator Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17074 Windows Update Orchestrator Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17075 Windows USO Core Worker Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17076 Windows Update Orchestrator Service Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17077 Windows Update Stack Elevation of Privilege Vulnerability
There are no known exploits in the wild.
CVE-2020-17078 Raw Image Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17079 Raw Image Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17081 Microsoft Raw Image Extension Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17082 Raw Image Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17083 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17084 Microsoft Exchange Server Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17085 Microsoft Exchange Server Denial of Service Vulnerability
There are no known exploits in the wild.
CVE-2020-17086 Microsoft Raw Image Extension Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17090 Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
There are no known exploits in the wild.
CVE-2020-17091 Microsoft Teams Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17100 Visual Studio Tampering Vulnerability
There are no known exploits in the wild.
CVE-2020-17101 HEIF Image Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17102 WebP Image Extensions Information Disclosure Vulnerability
There are no known exploits in the wild.
CVE-2020-17104 Visual Studio Code JSHint Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17105 AV1 Video Extension Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17106 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17107 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17108 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17109 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17110 HEVC Video Extensions Remote Code Execution Vulnerability
There are no known exploits in the wild.
CVE-2020-17113 Windows Camera Codec Information Disclosure Vulnerability
There are no known exploits in the wild.

Security News
The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.