Patch Tuesday - March 2020

Let's start off by talking about CVE-2020-0688 from last month, the Microsoft Exchange Validation Key RCE vulnerability. When it was published on February 11, 2020, the vulnerability had not seen active exploitation. As of March 9, 2020, there were increasing reports of activity against unpatched Exchange Servers surrounding this vulnerability. If you haven't had a chance to act on that, I would give it a bit of love over the whopping 115 new vulnerabilities brought forth by Microsoft this March 2020 Patch Tuesday. It's worth noting that Metasploit already has a module out to help detect this, as does InsightVM.


The focus on bringing CVE-2020-0688 in line gives a general feel of what this month's Patch Tuesday is like. While 115 vulnerabilities are not something to just brush aside, especially given the wide breadth of products and components patched this month, we do get to enjoy the fact that almost all the vulnerabilities can be remediated simply by patching. Our outlier vulnerability this month (when it comes to straightforward remediations) is CVE-2020-0765. This information disclosure vulnerability in Microsoft's deprecated Remote Desktop Connection Manager (RDCMan) product has no planned fixes. The best course of action is to find a replacement or adjust processes to avoid a scenario where an attacker is able to read arbitrary files after convincing an authenticated user t ..
