Microsoft Update Fixes 58 Security Flaws

On Tuesday 8th December 2020 Microsoft issued its final Patch Tuesday of 2020. This update included fixes for 58 newly discovered security flaws, and spans across 11 products and services in Microsoft's offering.

This release includes 9 patches which are Critical, 46 rated as Important and 3 rated Moderate in their severity. The release addresses issues in Microsoft Windows, Edge Browser, ChakraCore, Microsoft Office, Exchange Server, Azure DevOps, Microsoft Dynamics, Visual Studio, Azure SDK and Azure Sphere. It is currently understood that none of the flaws which have been patched this month are publicly known or being actively exploited in the wild.

There is a number of remote code execution (RCE) flaws in Microsoft Exchange (CVE-2020-17132), SharePoint (CVE-2020-17118, CVE-2020-17121), Excel (CVE-2020-17123), and Hyper-V virtualisation software (CVE-2020-17095), and a patch for a security feature bypass which exists in Kerberos (CVE-2020-16996).

The highest CVSS score in this release was 9.9 and is associated with the Hyper-V virtualisation software (CVE-2020-17095) remote code execution (RCE) flaw.

Microsoft has explained, “To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code when it fails to properly validate vSMB packet data.”

Included in this month’s release is an advisory for an Addressing Spoofing Vulnerability in DNS Resolver (CVE-2020-25705).

This vulnerability uses DNS Cache Poisoning to enable an attacker to spoof the DNS packet, which can be cached by the DNS Forwarder or the DNS Resolver. This attack method is commonly known as a Side-channel AttackeD DNS attack (SAD DNS Attack).

To reduce exposure to this vulnerability Microsoft recommends a registry workaround that involves changing the UDP packet size to 1,221 bytes (4C5 Hexadecimal). This means that any response larger than 4C5 or 1221, the DNS resolver now switches to TCP instead of UDP. As this attack relies on sending spoofed UDP (User Datagram Protocol) messages to defeat source port randomisation for DNS requests, implementing this workaround causes DNS queries larger than 4C5 (hex) to switch to TCP, therefore mitigating the issue.

 

How can we help?

Secora Consulting offers a wide range of services which we tailor to meet our client’s requirements. Our Vulnerability Assessment service can provide you with a prioritised list of your vulnerabilities and easy to follow remediation advice to immediately improve your cyber security posture. We can help you prepare for the worst-case scenario by simulating threats to your organisation.

Should you ever be on the unfortunate end of a cyber attack our in-depth knowledge and Incident Response service will have your organisation's ransomware free and up and running in no time.

Partner with us today, our experienced consultants will go the extra mile to ensure your organisation stays secure by:

• Validating implemented security controls
• Prioritising your risks based on their exploitability and impact
• Providing expert and effective advice to immediately improve your cyber security posture
• Understanding how uncovered issues will affect your organisation, operations availability and profitability
• Recovery from incidents and cyber attacks.