
Patch Tuesday February 2020

February's Patch Tuesday is here and brings with it patches for 98 CVEs. These are split between 13 CVEs rated as "Critical" and 85 CVEs rated as "Important." Among the "Critical" patches, Remote Code Execution (RCE) vulnerabilities in the Scripting Engine make up more than half of the list. The Scripting Engine is patched on pretty much every Patch Tuesday. Still, extra attention is currently on it after a zero-day exploit (CVE-2020-0674) was discovered compromising systems just after January's Patch Tuesday. Closing out the "Critical" list are RCE vulnerabilities in Remote Desktop, Media Foundation, and LNK shortcuts.

The theme of the vulnerabilities ranked as "Important" is "Privilege Escalation," with that class of vulnerability representing a full 53 out of the 85 patched. Privilege escalation vulnerabilities are a cornerstone of system exploitation. They allow an attacker to go from using just a regular "Joe User" account to full system ownership, potentially gaining administrative access to the entire network. Also included under "Important" are Remote Code Execution vulnerabilities in the Office Suite, MS Exchange, and MS-SQL server, as well as Denial of Service vulnerabilities in Windows Hyper-V.

Luckily, none of these vulnerabilities have any in-the-wild exploitation, so administrators have plenty of time to get the proper patches in place before there is public exploitation. So let's get patching and, as always, stay safe out there!



LNK Remote Code Execution Vulnerability
Remote Code Execution

Media Foundation Memory Corruption Vulnerability
Remote Code Execution

Remote Desktop Client Remote Code Execution Vulnerability
CVE-2020-0681, CVE-2020-0734
Remote Code Execution

Scripting Engine Memory Corruption Vulnerability
CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767
Remote Code Execution

Windows Remote Code Execution Vulnerability
Remote Code Execution

February 2020 Adobe Flash Security Update
Remote Code Execution



Active Directory Elevation of Privilege Vulnerability
Elevation of Privilege

Connected Devices Platform Service Elevation of Privilege Vulnerability
CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749, CVE-2020-0750
Elevation of Privilege

Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability
Elevation of Privilege

DirectX Elevation of Privilege Vulnerability
CVE-2020-0709, CVE-2020-0732
Elevation of Privilege

DirectX Information Disclosure Vulnerability
Information Disclosure

Microsoft Browser Information Disclosure Vulnerability
Information Disclosure

Microsoft Edge Elevation of Privilege Vulnerability
Elevation of Privilege

Microsoft Excel Remote Code Execution Vulnerability
Remote Code Execution

Microsoft Exchange Memory Corruption Vulnerability
Remote Code Execution

Microsoft Exchange Server Elevation of Privilege Vulnerability
Elevation of Privilege

Microsoft Graphics Components Information Disclosure Vulnerability
Information Disclosure

Microsoft Office Online Server Spoofing Vulnerability

Microsoft Office SharePoint XSS Vulnerability

Microsoft Office Tampering Vulnerability

Microsoft Outlook Security Feature Bypass Vulnerability
Security Feature Bypass

Microsoft Secure Boot Security Feature Bypass Vulnerability
Security Feature Bypass

Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability
Remote Code Execution

Remote Desktop Services Remote Code Execution Vulnerability
Remote Code Execution

Win32k Elevation of Privilege Vulnerability
CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731
Elevation of Privilege

Win32k Information Disclosure Vulnerability
CVE-2020-0716, CVE-2020-0717
Information Disclosure

Windows Backup Service Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Client License Service Elevation of Privilege Vulnerability
Elevation of Privilege

Windows COM Server Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Common Log File System Driver Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Common Log File System Driver Information Disclosure Vulnerability
Information Disclosure

Windows Data Sharing Service Elevation of Privilege Vulnerability
CVE-2020-0659, CVE-2020-0747
Elevation of Privilege

Windows Elevation of Privilege Vulnerability
CVE-2020-0737, CVE-2020-0739
Elevation of Privilege

Windows Error Reporting Elevation of Privilege Vulnerability
CVE-2020-0753, CVE-2020-0754
Elevation of Privilege

Windows Error Reporting Manager Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Function Discovery Service Elevation of Privilege Vulnerability
CVE-2020-0679, CVE-2020-0680, CVE-2020-0682
Elevation of Privilege

Windows GDI Information Disclosure Vulnerability
Information Disclosure

Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2020-0715, CVE-2020-0745, CVE-2020-0792
Elevation of Privilege

Windows Hyper-V Denial of Service Vulnerability
CVE-2020-0661, CVE-2020-0751
Denial of Service

Windows Imaging Library Remote Code Execution Vulnerability
Remote Code Execution

Windows IME Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Information Disclosure Vulnerability
Information Disclosure

Windows Installer Elevation of Privilege Vulnerability
CVE-2020-0683, CVE-2020-0686
Elevation of Privilege

Windows Kernel Elevation of Privilege Vulnerability
CVE-2020-0668, CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672
Elevation of Privilege

Windows Kernel Information Disclosure Vulnerability
Information Disclosure

Windows Key Isolation Service Information Disclosure Vulnerability
CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755, CVE-2020-0756
Information Disclosure

Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Modules Installer Service Information Disclosure Vulnerability
Information Disclosure

Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability
Information Disclosure

Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Denial of Service

Windows Search Indexer Elevation of Privilege Vulnerability
CVE-2020-0666, CVE-2020-0667, CVE-2020-0735, CVE-2020-0752
Elevation of Privilege

Windows User Profile Service Elevation of Privilege Vulnerability
Elevation of Privilege

Windows Wireless Network Manager Elevation of Privilege Vulnerability
Elevation of Privilege

Microsoft Office SharePoint XSS Vulnerability

Surface Hub Security Feature Bypass Vulnerability
Security Feature Bypass
