Service Notices
Microsoft Releases May 2020 Security Updates
May 15, 2020 GMT+08:00
I. Overview
Microsoft recently released its monthly set of security updates. 111 vulnerabilities are disclosed, among which 16 are rated important. Attackers can exploit these vulnerabilities to perform remote code execution, escalate privileges, and obtain sensitive information. The following software is affected: Microsoft Windows, Microsoft Edge, Microsoft Office, and SharePoint.
Microsoft release notes:
https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-May
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Microsoft Windows, Microsoft Edge, Microsoft Office, and SharePoint
IV. Vulnerability Details
CVE ID | Vulnerability Name | Severity | Vulnerability Description |
CVE-2020-1117 | Microsoft Color Management Remote Code Execution Vulnerability | Important | A remote code execution vulnerability exists in the way that the Color Management Module (ICM32.dll) handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. |
CVE-2020-1056 | Microsoft Edge Elevation of Privilege Vulnerability | Important | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. |
CVE-2020-1028 CVE-2020-1126 CVE-2020-1136 | Media Foundation Memory Corruption Vulnerability | Important | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. |
CVE-2020-1023 CVE-2020-1024 CVE-2020-1102 | Microsoft SharePoint Code Execution Vulnerability | Important | A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. |
CVE-2020-1069 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Important | A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context of the SharePoint application pool process. |
CVE-2020-1153 | Microsoft Graphics Components Remote Code Execution Vulnerability | Important | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. |
CVE-2020-1064 | MSHTML Engine Remote Code Execution Vulnerability | Important | A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. |
CVE-2020-1093 | VBScript Remote Code Execution Vulnerability | Important | A remote code executionvulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Unauthorized attackers can use this vulnerability to obtain privileges as authorized users. |
CVE-2020-1192 | Visual Studio Code Python Extension Remote Code Execution Vulnerability | Important | A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads workspace settings from a notebook file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. |
CVE-2020-1037 | Chakra Scripting Engine Memory Corruption Vulnerability | Important | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (based on HTML). The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
CVE-2020-1062 | Internet Explorer Memory Corruption Vulnerability | Important | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
CVE-2020-1065 | Scripting Engine Memory Corruption Vulnerability | Important | A remote code execution vulnerability exists in the way that the ChakraCore script engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. |
(Note: Vulnerabilities listed above are important ones. For more information, refer to the official website of Microsoft.)
V. Security Recommendations
1. Use Windows Update or download patches from the following address to fix the vulnerabilities:
https://portal.msrc.microsoft.com/en-us/security-guidance
2. Back up data remotely to protect your data.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.