Microsoft Addresses Windows TCP/IP RCE/DoS Vulnerabilities

by Faith Gill
Desktop & Applications Analyst

It is Cybersecurity Awareness Month!

In keeping with that theme, on October 13th Microsoft released Security patches to fix at least 87 security problems in Windows and programs that run on top of the operating system. 11 of those vulnerabilities are listed as Critical security updates addressing the Windows TCP/IP RCE/DoS Vulnerability.

Vulnerabilities of Interest – that can be exploited remotely!

  • CVE-2020-16911 – GDI+ Remote Code Execution Vulnerability lets attackers create specialty crafted websites that can execute commands with elevated privileges on the visitor’s computer.
  • CVE-2020-16947 – Microsoft Outlook Remote Code Execution Vulnerability allows attackers to send specially crafted emails that can execute commands when opened in the Microsoft Outlook software.  This attack also works when an email is viewed in the preview pane.
  • CVE-2020-16898 – Windows TCP/IP Remote Code Execution Vulnerability can be exploited by sending specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. If successful, it could allow a remote attacker to execute commands on the targeted computer.
  • CVE-2020-16891 – Windows Hyper-V Remote Code Execution Vulnerability would allow an attacker, or malware, on a guest Hyper-V virtual machine to execute commands on the host operating system.
  • CVE-2020-16915 – Media Foundation Memory Corruption Vulnerability can be exploited for remote code execution by tricking a user into visiting a malicious website.

Complete List of October 2020 Security Updates https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Oct

The good news is that Microsoft states none of them have been seen publicly exploited.

Affected Windows Versions

  • Microsoft Windows Server 2019, version 1903/1909/2004
  • Microsoft Windows 10 version 1709
  • Microsoft Windows 10 version 1803
  • Microsoft Windows 10 version 1809
  • Microsoft Windows 10 version 1903
  • Microsoft Windows 10 version 1909
  • Microsoft Windows 10 version 2004

Helient strongly recommends anyone running the specified Windows versions to update as soon as possible. If you or your firm require any technical assistance, contact Helient’s experts via service@helient.com.