Security News > 2020 > September > Enjoyed the US Labor Day weekend? Because it's September 2020 and Exchange Server can be pwned via email
September sees a bundle of 129 CVE-listed flaws patched by Microsoft.
Of the nearly two-dozen critical patches, Zero Day Initiative's Dustin Childs says that far and away the most serious is CVE-2020-16875, a memory object error in Exchange Server that allows a poisoned email to execute code with System clearance.
"We have seen the previously patched Exchange bug CVE-2020-0688 used in the wild, and that requires authentication. We'll likely see this one in the wild soon."
Intel drops critical fix for AMT/ISM. Of the four patches released this month by Intel, the most serious looks to the fix for CVE-2020-8758, an elevation of privilege bug in Active Management Technology and Standard Manageability.
Finally, there is Adobe Experience Manager, where a total of 11 CVE-listed bugs were patched.
News URL
https://go.theregister.com/feed/www.theregister.com/2020/09/08/patch_tuesday_september/
Related news
- US sanctions crypto exchanges used by Russian darknet market, banks (source)
- 17,000+ Microsoft Exchange servers in Germany are vulnerable to attack, BSI warns (source)
- Germany warns of 17K vulnerable Microsoft Exchange servers exposed online (source)
- These 17,000 unpatched Microsoft Exchange servers are a ticking time bomb (source)
- Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk (source)
- US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack (source)
- Microsoft breach allowed Russian spies to steal emails from US government (source)
- Microsoft will limit Exchange Online bulk emails to fight spam (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-11 | CVE-2020-16875 | Improper Privilege Management vulnerability in Microsoft Exchange Server 2016/2019 <p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p> <p>An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. | 8.4 |
| 2020-09-10 | CVE-2020-8758 | Improper buffer restrictions in network subsystem in provisioned Intel(R) AMT and Intel(R) ISM versions before 11.8.79, 11.12.79, 11.22.79, 12.0.68 and 14.0.39 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | 9.8 |
| 2020-02-11 | CVE-2020-0688 | Improper Authentication vulnerability in Microsoft Exchange Server A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. | 8.8 |