This week, Microsoft has released the first security updates of 2020. With Patch Tuesday January updates, Microsoft has rolled out fixes for 49 different security bugs, with eight of them being critical severity flaws. However, there were also some interesting fixes for relatively less severe bugs.
Key Microsoft Updates Released This Month
With Patch Tuesday January 2020, Microsoft has patched some interesting vulnerabilities. One such vulnerability is the CryptoAPI Spoofing flaw CVE-2020-0601. It was an important severity flaw with potential exploitability. Fortunately, Microsoft fixed it earlier. Describing it in an advisory, Microsoft stated,
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.
An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious because the digital signature would appear to be from a trusted provider.
Exploiting this bug could allow an attacker to decrypt sensitive data, or perform MiTM attacks.
Microsoft also patched two critical remote code execution flaws, CVE-2020-0609 and CVE-2020-0610, in Windows Remote Desktop Gateway Server. Describing both the flaws, Microsoft stated,
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.
An attacker, after exploiting the flaw, could gain full access and execute arbitrary codes on the target device.
Other Fixes In Patch Tuesday Updates
In addition to the above, Microsoft also patched six other critical security flaws that could allow remote code execution. These vulnerabilities existed in Internet Explorer (CVE-2020-0640), .NET Framework (CVE-2020-0605, CVE-2020-0606, CVE-2020-0646), ASP.NET Core (CVE-2020-0603), and Remote Desktop Client (CVE-2020-0611).
This month’s updates also include fixes for 40 important severity flaws leading to escalation of privilege, information disclosure, spoofing, and remote code execution.
Windows users should hence ensure that their systems receive the scheduled updates to stay protected.