This Patch Tuesday, a total of 99 vulnerabilities have been addressed, making the February 2020 Patch Tuesday the biggest yet. As an early Valentine’s gift, Microsoft has provisioned administrators with numerous security and non-security updates to apply to their endpoints. Here’s a quick overview of Patch Tuesday, followed by a detailed account of the numerous updates released this February.
What is Patch Tuesday?
Patch Tuesday occurs on the second Tuesday of every month, and it is a significant event for admins around the world. It is when all the essential fixes for the month are collated and officially posted on the Microsoft Bulletin. These fixes include security updates that are imperative to resolve vulnerabilities, non-security updates, as well as upgrades for OS components and other applications.
What is the significance of Patch Tuesday, and why should it be made a priority?
Patch Tuesday began in 2003. While this doesn’t seem like too long ago, Patch Tuesday is one of the most long-standing and resolutely observed cybersecurity practices. Microsoft consolidates all notable patches and releases them on one day of the month for the sole purpose of making it easier for administrators to secure their endpoints.
However, time is of the essence, because when all the various updates are posted, they can just as easily be obtained by users with malicious intent. Those who plan on exploiting vulnerabilities can simply analyze the patch binaries to create exploit routes into unprotected systems. To prevent that from happening, below are details on all the notable patch releases for Patch Tuesday February 2020 so you can administer the updates within the recommended 24 hours.
Highlights of Patch Tuesday February 2020
This Patch Tuesday, Microsoft has released security updates for 99 vulnerabilities, out of which 12 are categorized as Critical and 87 are classified as Important. Along with the numerous security updates released by Microsoft, one advisory has also been provided.
Patch Tuesday updates for Microsoft products
Security updates have been posted for vulnerabilities in the following applications and components:
- Internet Explorer
- Microsoft Edge
- Microsoft Exchange Server
- Microsoft Windows
- SQL Server
- Windows COM
- Windows Hyper-V
- Windows RDP
- Windows Subsystem for Linux
- Microsoft Graphics Component
- Microsoft Malware Protection Engine
- Microsoft Office
- Microsoft SharePoint
- Windows Authentication Methods
- Remote Desktop Client
- Windows Shell
- Windows Update Stack
Some third-party applications that have received updates include:
- Brave (1.3.115)
- Razor SQL (9.0.5)
- WXwork (188.8.131.528)
- ScreenToGif (2.20.3)
- eM Client (7.2.37923)
- eM Client (7.2.37929)
- Mozilla Firefox (73.0)
- SyncBackFree (184.108.40.206)
- SyncBackFree (220.127.116.11)
- Mirillis Action (4.1.2)
- Docker Desktop (18.104.22.168)
- Mozilla Firefox ESR (68.5.0)
- AirServer Universal (5.5.11)
- Conan Package Manager (1.22.1)
- FTPGetter Standard (22.214.171.124)
- Adobe Flash Player PPAPI (126.96.36.1990)
- Adobe Flash Player Plugin (188.8.131.520)
- Adobe Flash Player ActiveX (184.108.40.2060)
- Adobe Acrobat Reader 2017 MUI (Classic Track) (17.011.30158) (APSB20-05)
- Adobe Acrobat 2017 Pro and Standard (Acrobat 2017 Track) update – All languages (17.011.30158) (APSB20-05)
- Adobe Acrobat DC Pro and Standard (Classic Track) update – All languages (15.006.30510) (APSB20-05)
- Adobe Acrobat DC Pro and Standard (Continuous Track) update – All languages (20.006.20034) (APSB20-05)
- Adobe Acrobat Reader DC (Continuous Track) update – All languages (20.006.20034) (APSB20-05)
- Adobe Acrobat Reader MUI DC (Continuous Track) update – All languages (20.006.20034) (APSB20-05)
- Adobe Acrobat Reader MUI DC (Classic Track) update – All languages (15.006.30510) (APSB20-05)
Internet Explorer zero-day vulnerability
A critical vulnerability found in Internet Explorer (CVE-2020-0674) has been publicly disclosed and is currently being exploited in the wild. Although Microsoft had released an advisory this past January, fixes have officially been rolled out only on this month’s Patch Tuesday. The vulnerability has to do with a bug that corrupts the memory such that an attacker could exploit the system through arbitrary code execution in the content of the current user, which allows the attacker to attain the same rights as the user logged on at the time. If that user happens to be an admin, the hacker would get the same privileges and could completely hijack the system.
Major updates for vulnerabilities
There are three publicly disclosed vulnerabilities, two of which are present in Windows Installer (CVE-2020-0683, CVE-2020-0686) and can result in elevation of privilege. The third vulnerability is related to Microsoft Browser Information (CVE-2020-0706), and can lead to information disclosure.
Best practices to apply Microsoft Patch Tuesday updates for February 2020
Once Patch Tuesday is underway, information on the updates can potentially be leveraged by hackers, so it’s important to not only deploy the correct updates, but to do so in a timely fashion. This can seem like a tedious task, but there are ways to streamline the process. To help you in your administrative endeavors, we’ve created a list of best practices to follow that can do wonders for your patching experience!
- First, identify the patches for resolving Critical vulnerabilities, and prioritize their deployment. The IDs for the 12 Critical vulnerabilities this month are: CVE-2020-0662, CVE-2020-0673, CVE-2020-0674, CVE-2020-0681, CVE-2020-0710,CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0729, CVE-2020-0734, CVE-2020-0738, and CVE-2020-0767.
- Configure the timing of your deployment such that the patch update process takes place during non-business hours, as this ensures users aren’t interrupted and conserves bandwidth.
- Then automate the deployment of the patches classified as Moderate and Important.
- Create and dispatch relevant updates to a test group first to verify stability before mass deployment to endpoints and servers in your enterprise.
- Decline less critical updates and deploy them only after all the pressing issues have been addressed.
- Postpone or schedule reboots for critical machines and servers.
- Run patch reports to ensure network endpoints are up-to-date with the latest patches.
- To implement these best practices while deploying Patch Tuesday security updates, a versatile solution is a must!
ManageEngine offers two solutions that help you automate all patching-related tasks from one centralized console: Desktop Central and Patch Manager Plus. You can start a 30-day free trial and keep more than 750 applications (plus over 300 third-party applications) up-to-date.
** Optrics Inc. is a ManageEngine partner
The original article can be found here: