Security News

Among the vulnerabilities patched by Microsoft on May 2020 Patch Tuesday is CVE-2020-1048, a "Lowly" privilege escalation vulnerability in the Windows Print Spooler service. CVE-2020-1048, which affects Windows 7, 8.1, and 10 and Windows Server 2008, 2012, 2016, and 2019, arises from the Windows Print Spooler service improperly allowing arbitrary writing to the file system.

After a flurry of zero-day vulnerabilities in recent editions, May's Patch Tuesday finally gives Windows users a month off having to fix 'big' exploited or public flaws. The catch is it's still one of the biggest patch rounds Microsoft has ever released, featuring 111 CVE-level bug fixes, nearly half of which are in Windows itself.

A list posted by US-CERT this week rattles off the 10 most oft-targeted security vulnerabilities during the past three years, and finds that, shock horror, for the most part, keeping up with patching will keep you safe. Microsoft ranks highly in the list because its software is widely used, and provides the most potential targets for hackers, though on the other hand, fixes have been available for these bugs for a long while: it doesn't have to be this way, people.

Remember the Reverse RDP Attack-wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft's Remote Desktop Protocol? Though Microsoft had patched the vulnerability as part of its July 2019 Patch Tuesday update, it turns out researchers were able to bypass the patch just by replacing the backward slashes in paths with forward slashes.

Microsoft's May 2020 security updates patch 111 vulnerabilities, including 16 rated critical, but none of them has been exploited in attacks or disclosed before fixes were released. "For the past three months, Microsoft has been issuing very large Patch Tuesday releases, with March fixing 115 vulnerabilities, April with 113, and now May with 111. This shows their commitment to resolving vulnerabilities in their software, and their continued engagement with the security community."

Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs. May marks the third month in a row that Microsoft has pushed out fixes for more than 110 security flaws in its operating system and related software.

An attacker who successfully exploited either vulnerability could run arbitrary code in kernel mode; thus, an attacker could then install programs; view, change or delete data; or create new accounts with full user rights. In all cases an attack requires user interaction, such as tricking users into clicking a link that takes them to the attacker's site.

For the May 2020 Patch Tuesday, Microsoft has fixed 111 CVE-numbered flaws and Adobe 36, but none are under active attack. The vulnerability is found in most Windows 10 and Windows Server builds and Microsoft deems it "More likely to be exploited."

VMware is working on patches for its vRealize Operations Manager product to fix two recently disclosed Salt vulnerabilities that have already been exploited to hack organizations. Researchers discovered recently that the configuration management and orchestration system Salt is affected by serious vulnerabilities that can be exploited for authentication bypass and directory traversal.

If you are running an online discussion forum based on vBulletin software, make sure it has been updated to install a newly issued security patch that fixes a critical vulnerability. Maintainers of the vBulletin project recently announced an important patch update but didn't reveal any information on the underlying security vulnerability, identified as CVE-2020-12720.