Further, there are two zero-day vulnerabilities, too, were detected that are being actively exploited since last month! While Microsoft then suggested for workaround techniques, applying the official patch would safeguard you ultimately. Nevertheless, learn what those significant vulnerabilities are;
The Dual Zero-Day Vulnerabilities
Starting with the two zero-day vulnerabilities, these were recorded as CVE-2020-1020 and CVE-2020-0938. And the maker has already warned the community on March 23rd initially about potential RCE attacks. The zero-day vulnerability existed in Adobe’s Type Manager Library (atmfd.dll), where improper handling of this library led any remote attacker to exploit by sending a specially crafted malicious file and, if opened, can grant admin access to him.
The Dual Zero-Day VulnerabilitiesThe Seven Critical VulnerabilitiesCVE-2020-0965CVE-2020-0907CVE-2020-0910CVE-2020-0687CVE-2020-0948, CVE-2020-0949, and CVE-2020-0950.Required User Action
While Microsoft suggested few workarounds like disabling WebClient or Preview Pane, updating to the latest solution now shall rectify it.
The Seven Critical Vulnerabilities
CVE-2020-0965
This is related to Windows Codecs Library, which is similar to previous zero-day vulnerability like improper handling of objects in memory, and a maliciously crafted image file could lead an attacker to exploit via RCE attack.
CVE-2020-0907
This is similar to the vulnerability existing in Windows Codec Library, where improper handling of objects in memory could lead to an attacker exploiting the user’s PC for admin rights. But before that, the user is supposed to open a malicious file crafted by an attacker, that would execute arbitrary code in the system.
CVE-2020-0910
Relating to Windows Hyper-V function, an attacker here with a guest account can exploit the system improperly, validating the input from an authenticated user. This can lead him to run a malicious file remotely after gaining access to the system via a guest account.
CVE-2020-0687
They are relating to the Windows Font Library, where an attacker can trigger the vulnerability exiting in it by creating a malicious font via a file-sharing method by the web-based attack. This would eventually let him be the owner of the system if he gained further access.
CVE-2020-0948, CVE-2020-0949, and CVE-2020-0950.
All three are related to the same vulnerability regarding Windows Media Foundation, which can be memory corrupted by either user visiting a malicious webpage or opening a malicious document. This would give the attacker to dump and install any payload, modify and deletion of files, and even deeper admin rights.
Required User Action
Every problem would have a solution. If not now, maybe later. But now, Microsoft’s Tuesday Patch is the solution to all the above vulnerabilities. It’s highly recommended to apply as soon as possible. If you haven’t, at least for the sake of two zero-day vulnerabilities mentioned above, it’s advised to force a check for the update instead of waiting for a notification. Search for Updates in Windows search bar and navigate to Updates and Security for scanning for the latest patch. After finding, install with no further delay.
