Microsoft August 2020 Security Updates

Discussion in 'update alerts' started by NICK ADSL UK, Aug 11, 2020.

Thread Status:
Not open for further replies.
  1. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    Release Notes
    August 2020 Security Updates
    Release Date: August 11, 2020


    The August 2020 security release consists of security updates for the following software:

    • Microsoft Windows
    • Microsoft Edge (EdgeHTML-based)
    • Microsoft Edge (Chromium-based)
    • Microsoft ChakraCore
    • Internet Explorer
    • Microsoft Scripting Engine
    • SQL Server
    • Microsoft JET Database Engine
    • .NET Framework
    • ASP.NET Core
    • Microsoft Office and Microsoft Office Services and Web Apps
    • Microsoft Windows Codecs Library
    • Microsoft Dynamics
    Please note the following information regarding the security updates:

    • For information regarding enabling Windows 10, version 1909 features, please see Windows 10, version 1909 delivery options. Note that Windows 10, versions 1903 and 1909 share a common core operating system with an identical set of system files. They will also share the same security update KBs.
    • Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.
    • For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.
    • A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.
    • Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.
    • In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.
    • Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving security updates. See 4522133 for more information.
    The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

    Known Issues

    The following KBs contain information about known issues with the security updates. For a complete list of security update KBs, please see 20200811. For more information about Windows Known Issues, please see Windows message center (links to currently-supported versions of Windows are in the left pane).

    KB Article Applies To
    4565349 Windows 10 Version 1809, Windows Server 2019
    4566782 Windows 10, version 2004
    4571694 Windows 10, version 1607, Windows Server 2016
    4571702 Windows Server 2012 (Security-only update)
    4571703 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)
    4571719 Windows 7, Windows Server 2008 R2 (Security-only update)
    4571723 Windows 8.1, Windows Server 2012 R2 (Security-only update)
    4571729 Windows 7, Windows Server 2008 R2 (Monthly Rollup)
    4571730 Windows Server 2008 Service Pack 2 (Monthly Rollup)
    4571736 Windows Server 2012 (Monthly Rollup)
    4571746 Windows Server 2008 Service Pack 2 (Security-only update)

    https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Aug
     
  2. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    Title: Microsoft Security Advisory Notification
    Issued: August 11, 2020
    **************************************************************************************

    Security Advisories Released or Updated on August 11, 2020
    ======================================================================================

    * ADV990001

    - ADV990001 | Latest Servicing Stack Updates
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV990001
    - Reason for Revision: Advisory updated to announce new versions of Servicing Stack
    Updates are available. Please see the FAQ for details.
    - Originally posted: November 13, 2019
    - Updated: August 11, 2020
    - Version: 25.0
     
  3. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    Title: Microsoft Security Update Releases
    Issued: August 11, 2020
    **************************************************************************************

    Summary
    =======

    The following CVEs have undergone a major revision increment:

    * CVE-2020-0794
    * CVE-2020-1347


    Revision Information:
    =====================

    * CVE-2020-0794

    - CVE-2020-0794 | Windows Denial of Service Vulnerability
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0794
    - Version 2.0
    - Reason for Revision: In the Security Updates table, added all supported versions
    of Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10
    Version 1607, and Windows Server 2016 because these versions of Windows 10 and
    Windows Server are also affected by this vulnerability. Microsoft strongly
    recommends that customers running any of these versions of Windows 10 or Windows
    Server install the updates to be fully protected from the vulnerability.
    Customers whose systems are configured to receive automatic updates do not need
    to take any further action.
    - Originally posted: April 14, 2020
    - Updated: August 11, 2020
    - Aggregate CVE Severity Rating: Important


    * CVE-2020-1347

    - CVE-2020-1347 | Windows Storage Services Elevation of Privilege Vulnerability
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1347
    - Version: 2.0
    - Reason for Revision: In the Security Updates table, added all supported versions
    of Windows 10 for 32-bit Systems, Windows 10 for x64-based Systems, Windows 10
    Version 1607, and Windows Server 2016 because these versions of Windows 10 and
    Windows Server are also affected by this vulnerability. Microsoft strongly
    recommends that customers running any of these versions of Windows 10 or Windows
    Server install the updates to be fully protected from the vulnerability.
    Customers whose systems are configured to receive automatic updates do not need
    to take any further action.
    - Originally posted: July 14, 2020
    - Updated: August 11, 2020
    - Aggregate CVE Severity Rating: Important
     
  4. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    Title: Microsoft Security Advisory Notification
    Issued: August 11, 2020
    **************************************************************************************

    Security Advisories Released or Updated on August 11, 2020
    ======================================================================================

    * Microsoft Security Advisory ADV200002

    - ADV200002 | Chromium Security Updates for Microsoft Edge based on Chromium
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200002
    - Reason for Revision: Updated advisory to announce a new version of Microsoft Edge
    (Chromium-based). Please see the table for more information.
    - Originally posted: January 28, 2020
    - Updated: August 11, 2020
    - Version: 19.0
     
  5. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    Title: Microsoft Security Update Releases
    Issued: August 12, 2020
    **************************************************************************************

    Summary
    =======

    The following CVEs have undergone a major revision increment:

    * CVE-2020-1182


    Revision Information:
    =====================

    * CVE-2020-1182

    - CVE-2020-1182 | Microsoft Dynamics 365 for Finance and Operations (on-premises)
    Remote Code Execution Vulnerability
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1182
    - Version 1.0
    - Reason for Revision: Information published.
    - Originally posted: August 12, 2020
    - Updated: N/A
    - Aggregate CVE Severity Rating: Critical
     
  6. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    ************************************************************************************
    Title: Microsoft Security Update Minor Revisions
    Issued: August 12, 2020
    ************************************************************************************

    Summary
    =======

    The following CVEs have undergone a minor revision increment.

    ================================================================================== ====

    * CVE-2020-1472

    - CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability
    - »portal.msrc.microsoft.co ··· 020-1472
    - Version: 1.1
    - Reason for Revision: Updated one or more CVSS scores for the affected products.
    - Originally posted: August 11, 2020
    - Updated: August 11, 2020
    - Aggregate CVE Severity Rating: Critical

    * CVE-2020-1560

    - CVE-2020-1560 | Microsoft Windows Codecs Library Remote Code Execution
    Vulnerability
    - »portal.msrc.microsoft.co ··· 020-1560
    - Version: 1.1
    - Reason for Revision: Corrected vulnerability description. This is an informational
    change only.
    - Originally posted: August 11, 2020
    - Updated: August 12, 2020
    - Aggregate CVE Severity Rating: Critical

    * CVE-2020-1597

    - CVE-2020-1597 | ASP.NET Core Denial of Service Vulnerability
    - »portal.msrc.microsoft.co ··· 020-1597
    - Version: 1.1
    - Reason for Revision: Updated the Publicly Disclosed information.
    - Originally posted: August 11, 2020
    - Updated: August 12, 2020
    - Aggregate CVE Severity Rating: Important
     
  7. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    Title: Microsoft Security Update Releases
    Issued: August 19, 2020
    **************************************************************************************

    Summary
    =======

    The following CVEs have undergone a major revision increment:

    * CVE-2020-1530
    * CVE-2020-1537


    Revision Information:
    =====================

    * CVE-2020-1530

    - CVE-2020-1530 | Windows Remote Access Elevation of Privilege Vulnerability
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1530
    - Version 2.0
    - Reason for Revision: Microsoft is announcing the availability of security update
    4578013 for all supported versions of Microsoft 8.1 and Windows Server 2012 R2.
    Customers running Windows 8.1 or Server 2012 R2 should install the update for
    their product to be protected from this vulnerability. Customers running other
    versions of Microsoft Windows or Windows Server do not need to take any action.
    See the Security Updates table for more information and download links.
    - Originally posted: August 12, 2020
    - Updated: August 19, 2020
    - Aggregate CVE Severity Rating: Important


    * CVE-2020-1537

    - CVE-2020-1537 | Windows Remote Access Elevation of Privilege Vulnerability
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1537
    - Version 2.0
    - Reason for Revision: Microsoft is announcing the availability of security update
    4578013 for all supported versions of Microsoft 8.1 and Windows Server 2012 R2.
    Customers running Windows 8.1 or Server 2012 R2 should install the update for
    their product to be protected from this vulnerability. Customers running other
    versions of Microsoft Windows or Windows Server do not need to take any action.
    See the Security Updates table for more information and download links.
    - Originally posted: August 12, 2020
    - Updated: August 19, 2020
    - Aggregate CVE Severity Rating: Important
     
  8. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    Title: Microsoft Security Advisory Notification
    Issued: August 20, 2020
    **************************************************************************************

    Security Advisories Released or Updated on August 20, 2020
    ======================================================================================

    * Microsoft Security Advisory ADV200002

    - ADV200002 | Chromium Security Updates for Microsoft Edge based on Chromium
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200002
    - Reason for Revision: Updated advisory to announce a new version of Microsoft Edge
    (Chromium-based). Please see the table for more information.
    - Originally posted: January 28, 2020
    - Updated: August 20, 2020
    - Version: 20.0
     
  9. NICK ADSL UK

    NICK ADSL UK Administrator

    Joined:
    May 13, 2003
    Posts:
    9,345
    Location:
    UK
    Title: Microsoft Security Advisory Notification
    Issued: August 27, 2020
    **************************************************************************************

    Security Advisories Released or Updated on August 27, 2020
    ======================================================================================

    * Microsoft Security Advisory ADV200002

    - ADV200002 | Chromium Security Updates for Microsoft Edge based on Chromium
    - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200002
    - Reason for Revision: Updated advisory to announce a new version of Microsoft Edge
    (Chromium-based). Please see the table for more information.
    - Originally posted: January 28, 2020
    - Updated: August 27, 2020
    - Version: 21.0
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.