Microsoft released its June 2020 security updates, which patch a total of 129 new vulnerabilities affecting various versions of the Windows operating system and related products. This is the third Patch Tuesday release since the start of the global Covid-19 outbreak, putting extra pressure on security teams.
These 129 vulnerabilities include 11 rated critical, all of which allow remote code execution, and 118 rated important, most of which allow privilege escalation or spoofing. Fortunately, according to Microsoft’s published advisory, none of the vulnerabilities patched this month was exploited in the wild as a zero-day, and none of them had been publicly disclosed before the patches were released.
One of the notable vulnerabilities is the information disclosure vulnerability in the Server Message Block 3.1.1 (SMBv3) protocol, which, according to a group of researchers, can be exploited in combination with the previous SMBGhost vulnerability to carry out remote code execution attacks. Three critical flaws affect the VBScript engine and the way it manages objects in memory, allowing an attacker to execute arbitrary code in the context of the current user.
Microsoft has listed these vulnerabilities as “highly exploitable,” explaining that it has consistently seen attackers exploit similar vulnerabilities in the past, and that they can be triggered remotely through a browser, an application, or a Microsoft Office document that hosts the IE rendering engine.
Another of the 11 critical vulnerabilities lies in the way Windows handles shortcut files (.LNK) and allows attackers to remotely execute arbitrary code on the target system. As with all previous LNK vulnerabilities, this type of attack can lead to victims losing control of their computers or having their sensitive information stolen.
The GDI+ component, which allows programs to draw graphics and text on a display or printer in Windows, is affected by a remote code execution vulnerability. According to Microsoft, the GDI+ remote code execution vulnerability can be exploited in combination with a critical security feature bypass vulnerability affecting Microsoft Outlook that would allow attackers to have malicious images hosted on a remote server downloaded automatically.
The advisory states that in an email attack scenario, an attacker could exploit this vulnerability by sending a specially crafted image to the user. An attacker who successfully exploited this vulnerability could force the system to load remote images, and these images can reveal the IP address of the target system to the attacker.
Additionally, the June 2020 update includes a patch for a critical remote code execution vulnerability affecting Adobe Flash Player on Windows systems. All users are advised to apply the latest security patches as soon as possible to prevent malware or attackers from exploiting these vulnerabilities to gain remote control of vulnerable computers.