وصله امنیتی سه شنبه های مایکروسافت مربوط به ماه جولای 2020 منتشر شد. در این به روز رسانی، مایکروسافت 123 آسیب پذیری موجود در محصولات خود را برطرف کرد که 18 مورد از این آسیب پذیری ها در دسته حیاتی و 105 مورد از آن ها در دسته مهم قرار گرفتند.
در آسیب پذیری های رفع شده در این ماه، یک آسیب پذیری مهم 10.0 DNS وجود دارد.
کاربران باید حتما و در اسرع وقت برای حفظ امنیت ویندوز خود نسبت به نصب این به روزرسانی ها اقدام نمایند.
آسیب پذیری DNS
این آسیب پذیری بسیار حیاتی با کد CVE-2020-1350 و به نام SigRed در سرور DNS ویندوز به مهاجمهین اجازه اجرای کد از راه دور را می دهد. طبق بررسی های محققین این آسیب گذیری بسیار خطرناک بوده و مهاجم می تواند بدافزارهای Wormable ایجاد کرده و از طریق شبکه آن را گسترش دهد.
این آسیب پذیری به فرد مهاجم اجازه مي دهد بدون هیچگونه دسترسی بتواند با ارسال یک Query مخرب به DNS Server کد دلخواه خود را به اجرا در آورده و دسترسی Domain Admin را از راه دور برای خود ایجاد کرده و کنترل کامل زیرساخت شبکه را در دست بگیرد! لازم است بر اساس تاكيد مايكروسافت بر فوريت و اهميت موضوع، Adminهای محترم در اسرع وقت نسبت به نصب Patch مربوط به این آسیب پذیری اقدام نمایند.
اين آسيب پذيري در تمامی Windowsهای Server از نسخه 2003 تا 2019 وجود دارد و مهاجمان با ساختن یک Worm تعداد بسیار زیادی سازمان را مورد هدف قرار داده و به شبکه آنها نفوذ مي کنند. فرد مهاجم با نفوذ به یک سیستم می تواند مجددا از این آسیب پذیری استفاده کرده و به سیستم های پشت آن نفوذ کند. لذا سیستم هایی هم که مستقیما به اینترنت وصل نیستند هم می توانند مورد حمله گسترده قرار بگیرند.
این Worm می تواند به گونه ای طراحی شود که ظرف چند دقیقه به یک کامپیوتر نفوذ کند و از آنجا به هزاران کامپیوتر دیگر نفوذ کرده و به همین ترتیب در مدت کوتاهی میلیون ها کامپیوتر را در سراسر دنیا تحت تاثیر خود قرار دهد. حتی اگر DNS Server شما به اینترنت وصل نباشد فرد مهاجم می تواند با ارسال یک Email به یکی از کاربران سازمان که حاوی لینکی با DNS Query مخرب است باعث شود که DNS Server سازمان Crash کند.
دو آسیب پذیری حیاتی دیگر در Microsoft Edge و موتور VBScrip وجود دارد که به مهاجمین اجازه اجرای کد از راه دور از طریق ردیابی یک کاربر که وبسایت مخربی رو مشاهده می کند، را می دهد.
- CVE-2020-1436 – Windows Font Library Remote Code Execution Vulnerability
- CVE-2020-1435 – GDI+ Remote Code Execution Vulnerability
اگر بهره برداری موفق از این آسیب پذیری ها انجام شود، مهاجم می تواند با دسترسی های کاربر دستورات دلخواه خود را در سیستم اجرا نماید.
در 4 آسیب پذیری حیاتی دیگر، مهاجم، کاربران را ترغیب به دانلود فایل مخرب می کند و این آسیب پذیری ها می تواند در حملات فیشینگ و وب مورد استفاده قرار گیرند.
• CVE-2020-1409 – DirectWrite Remote Code Execution Vulnerability
• CVE-2020-1349 – Microsoft Outlook Remote Code Execution Vulnerability
• CVE-2020-1410 – Windows Address Book Remote Code Execution Vulnerability
• CVE-2020-1421 – LNK Remote Code Execution Vulnerability
6 آسیب پذیری حیاتی دیگر آسیب پذیری های Hyper-V به مهاجمین اجازه می دهد به عنوان مهمان در فضای Host کد دلخواه خود را اجرا نمایند.
در جدول زیر کلیه آسیب پذیری های رفع شده در این به روزرسانی به همراه لینک دانلود، لیست شده اند:
| Tag | CVE ID | CVE Title | Severity |
|---|---|---|---|
| .NET Framework | CVE-2020-1147 | .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability | Critical |
| Azure DevOps | CVE-2020-1326 | Azure DevOps Server Cross-site Scripting Vulnerability | Important |
| Internet Explorer | CVE-2020-1432 | Skype for Business via Internet Explorer Information Disclosure Vulnerability | Important |
| Microsoft Edge | CVE-2020-1433 | Microsoft Edge PDF Information Disclosure Vulnerability | Important |
| Microsoft Edge | CVE-2020-1462 | Skype for Business via Microsoft Edge (EdgeHTML-based) Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-1355 | Windows Font Driver Host Remote Code Execution Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-1468 | Windows GDI Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-1351 | Microsoft Graphics Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-1436 | Windows Font Library Remote Code Execution Vulnerability | Critical |
| Microsoft Graphics Component | CVE-2020-1435 | GDI+ Remote Code Execution Vulnerability | Critical |
| Microsoft Graphics Component | CVE-2020-1412 | Microsoft Graphics Components Remote Code Execution Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-1409 | DirectWrite Remote Code Execution Vulnerability | Critical |
| Microsoft Graphics Component | CVE-2020-1408 | Microsoft Graphics Remote Code Execution Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-1397 | Windows Imaging Component Information Disclosure Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-1381 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft Graphics Component | CVE-2020-1382 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2020-1407 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2020-1400 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft JET Database Engine | CVE-2020-1401 | Jet Database Engine Remote Code Execution Vulnerability | Important |
| Microsoft Malware Protection Engine | CVE-2020-1461 | Microsoft Defender Elevation of Privilege Vulnerability | Important |
| Microsoft Office | CVE-2020-1445 | Microsoft Office Information Disclosure Vulnerability | Important |
| Microsoft Office | CVE-2020-1446 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-1349 | Microsoft Outlook Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2020-1439 | PerformancePoint Services Remote Code Execution Vulnerability | Critical |
| Microsoft Office | CVE-2020-1240 | Microsoft Excel Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-1458 | Microsoft Office Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-1442 | Office Web Apps XSS Vulnerability | Important |
| Microsoft Office | CVE-2020-1449 | Microsoft Project Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-1447 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office | CVE-2020-1448 | Microsoft Word Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1456 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1454 | Microsoft SharePoint Reflective XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1342 | Microsoft Office Information Disclosure Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1443 | Microsoft SharePoint Spoofing Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1450 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1444 | Microsoft SharePoint Remote Code Execution Vulnerability | Important |
| Microsoft Office SharePoint | CVE-2020-1451 | Microsoft Office SharePoint XSS Vulnerability | Important |
| Microsoft OneDrive | CVE-2020-1465 | Microsoft OneDrive Elevation of Privilege Vulnerability | Important |
| Microsoft Scripting Engine | CVE-2020-1403 | VBScript Remote Code Execution Vulnerability | Critical |
| Microsoft Windows | CVE-2020-1406 | Windows Network List Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1410 | Windows Address Book Remote Code Execution Vulnerability | Critical |
| Microsoft Windows | CVE-2020-1085 | Windows Function Discovery Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1402 | Windows ActiveX Installer Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1330 | Windows Mobile Device Management Diagnostics Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2020-1431 | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1405 | Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1404 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1438 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1430 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1429 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1463 | Windows SharedStream Library Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1437 | Windows Network Location Awareness Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1434 | Windows Sync Host Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1427 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1413 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1333 | Group Policy Services Policy Processing Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1428 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1249 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1267 | Local Security Authority Subsystem Service Denial of Service Vulnerability | Important |
| Microsoft Windows | CVE-2020-1399 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1365 | Windows Event Logging Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1366 | Windows Print Workflow Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1359 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1363 | Windows Picker Platform Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1370 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1373 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1374 | Remote Desktop Client Remote Code Execution Vulnerability | Critical |
| Microsoft Windows | CVE-2020-1371 | Windows Event Logging Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1372 | Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1356 | Windows iSCSI Target Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1420 | Windows Error Reporting Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2020-1421 | LNK Remote Code Execution Vulnerability | Critical |
| Microsoft Windows | CVE-2020-1350 | Windows DNS Server Remote Code Execution Vulnerability | Critical |
| Microsoft Windows | CVE-2020-1418 | Windows Diagnostics Hub Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1422 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1353 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1354 | Windows UPnP Device Host Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1347 | Windows Storage Services Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1352 | Windows USO Core Worker Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1375 | Windows COM Server Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1390 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1391 | Windows Agent Activation Runtime Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2020-1386 | Connected User Experiences and Telemetry Service Information Disclosure Vulnerability | Important |
| Microsoft Windows | CVE-2020-1387 | Windows Push Notification Service Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1395 | Windows Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1398 | Windows Lockscreen Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1393 | Windows Diagnostics Hub Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1394 | Windows Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1385 | Windows Credential Picker Elevation of Privilege Vulnerability | Important |
| Microsoft Windows | CVE-2020-1384 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | Important |
| Open Source Software | CVE-2020-1469 | Bond Denial of Service Vulnerability | Important |
| Skype for Business | CVE-2020-1025 | Microsoft Office Elevation of Privilege Vulnerability | Critical |
| Visual Studio | CVE-2020-1416 | Visual Studio and Visual Studio Code Elevation of Privilege Vulnerability | Important |
| Visual Studio | CVE-2020-1481 | Visual Studio Code ESLint Extention Remote Code Execution Vulnerability | Important |
| Windows Hyper-V | CVE-2020-1041 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability | Critical |
| Windows Hyper-V | CVE-2020-1040 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability | Critical |
| Windows Hyper-V | CVE-2020-1032 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability | Critical |
| Windows Hyper-V | CVE-2020-1036 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability | Critical |
| Windows Hyper-V | CVE-2020-1042 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability | Critical |
| Windows Hyper-V | CVE-2020-1043 | Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability | Critical |
| Windows IIS | ADV200008 | Microsoft Guidance for Enabling Request Smuggling Filter on IIS Servers | Important |
| Windows Kernel | CVE-2020-1367 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2020-1396 | Windows ALPC Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2020-1336 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2020-1419 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2020-1426 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2020-1358 | Windows Resource Policy Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2020-1388 | Windows Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2020-1389 | Windows Kernel Information Disclosure Vulnerability | Important |
| Windows Kernel | CVE-2020-1357 | Windows System Events Broker Elevation of Privilege Vulnerability | Important |
| Windows Kernel | CVE-2020-1411 | Windows Kernel Elevation of Privilege Vulnerability | Important |
| Windows Shell | CVE-2020-1415 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Windows Shell | CVE-2020-1360 | Windows Profile Service Elevation of Privilege Vulnerability | Important |
| Windows Shell | CVE-2020-1414 | Windows Runtime Elevation of Privilege Vulnerability | Important |
| Windows Shell | CVE-2020-1368 | Windows Credential Enrollment Manager Service Elevation of Privilege Vulnerability | Important |
| Windows Subsystem for Linux | CVE-2020-1423 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2020-1392 | Windows Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2020-1346 | Windows Modules Installer Elevation of Privilege Vulnerability | Important |
| Windows Update Stack | CVE-2020-1424 | Windows Update Stack Elevation of Privilege Vulnerability | Important |
| Windows WalletService | CVE-2020-1344 | Windows WalletService Elevation of Privilege Vulnerability | Important |
| Windows WalletService | CVE-2020-1364 | Windows WalletService Denial of Service Vulnerability | Important |
| Windows WalletService | CVE-2020-1369 | Windows WalletService Elevation of Privilege Vulnerability | Important |
| Windows WalletService | CVE-2020-1361 | Windows WalletService Information Disclosure Vulnerability | Important |
| Windows WalletService | CVE-2020-1362 | Windows WalletService Elevation of Privilege Vulnerability | Important |
منابع :
