Microsoft Patch Tuesday (Dec. 2020) — Snort rules and notable vulnerabilities

Microsoft Patch Tuesday (Dec. 2020) — Snort rules and notable vulnerabilities

By Jon Munshaw, with contributions from Bill Largent. 


Microsoft released its monthly security update Tuesday, disclosing 58 vulnerabilities across its suite of products, the lowest number of vulnerabilities in any Patch Tuesday since January. 


There are only 10 critical vulnerabilities as part of this release, while there are two moderate-severity exploits, and the remainder are considered “important.” Users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation of all these bugs.  

The security updates cover several different products and services, including the SharePoint file-sharing service, the Windows Backup Engine and the Exchange mail server. 


Talos also released a new set of SNORTⓇ rules that provide coverage for some of these vulnerabilities. For complete details, check out the latest Snort advisory here


One of the most serious vulnerabilities exists in SharePoint. CVE-2020-17118 is a vulnerability that could allow an adversary to execute remote code on the targeted machine. This bug has a CVSS score of 8.1 out of a possible 10, according to Microsoft. 


There is also a remote code execution vulnerability (CVE-2020-17096) in Windows NTFS. An adversary could exploit this if they have SMBv2 access to the target system. Then, they would need to send specially crafted requests over the network and gain the ability to execute code on the target system. An attacker coul ..

Support the originator by clicking the read the rest link below.