Tenable Advises Organisations to Patch Critical Vulnerabilities in Windows TCP/IP Stack
Microsoft patched 87 CVEs in the October 2020 Patch Tuesday release, including 11 CVEs rated critical. This release follows seven consecutive months of over 100 CVEs patched, in what has been an unusually busy year for Microsoft Patch Tuesday updates.
Please find below additional commentary from Satnam Narang, Staff Research Engineer at Tenable
“This month’s Patch Tuesday includes fixes for 87 CVEs, 11 of which are rated critical. This marks the first time since February that Microsoft patched less than 100 CVEs. The most critical vulnerability in this month’s release is CVE-2020-16898, a remote code execution vulnerability in the Windows TCP/IP stack. Dubbed “Bad Neighbor” by researchers at McAfee, the flaw occurs because Windows TCP/IP stack does not properly handle ICMPv6 Router Advertisement packets.
To exploit this vulnerability, an attacker would need to send a malicious ICMPv6 Router Advertisement to their targeted Windows machine. It received a CVSSv3 score of 9.8, the highest score assigned to any vulnerability in this month’s release. Microsoft also patched CVE-2020-16899, a denial of service vulnerability in the Windows TCP/IP stack. Both vulnerabilities were discovered internally by Microsoft and are rated as ‘Exploitation More Likely,’ according to Microsoft’s Exploitability Index. Microsoft also addressed CVE-2020-16896, an information disclosure vulnerability in Windows Remote Desktop Protocol.
While the vulnerability is rated as ‘Important’ and received a CVSSv3 score of 7.5, Microsoft says exploitation is more likely. To exploit the flaw, an attacker would need to connect to a system that is running RDP and send specially crafted requests to it. This information could be used by the attacker for further compromise. RDP is a prime target for cybercriminals, especially those looking to launch ransomware attacks. If an organization is exposing RDP to the Internet, they need to ensure they’ve taken appropriate steps to harden RDP, which includes ensuring all patches are applied in a timely manner.”