Microsoft Windows DNS Server Remote Code Execution Vulnerability (CVE-2020-1350)

On July 14, 2020, Microsoft issued a new security advisory on Microsoft Windows Patch Day – addressing CVE-2020-1350, also known as SigRed – a Remote Code Execution (RCE) vulnerability in Windows Domain Name System (DNS) servers. SigRed affects Windows servers that are configured to run the DNS Server role, as described in the advisory. Description: Microsoft mentioned …

Zoom Client for Windows Remote Code Execution Vulnerability

Earlier this week, a report was published on a remote code execution vulnerability in Zoom Client for Windows. The bug was reported to the 0patch Team by a researcher who wants to keep their identity private. Vulnerability Details: A vulnerability has been discovered in Zoom Client that could allow for arbitrary code execution. It affects any …

Microsoft Windows Codec Library RCE Vulnerabilities (CVE-2020-1425, CVE-2020-1457)

Summary: Microsoft released emergency fixes ahead of the July 2020 Patch Tuesday to address two critical Remote Code Execution (RCE) vulnerabilities. Description: According to the advisories, Abdul-Aziz Hariri of Trend Micro’s Zero Day Initiative observed and reported two RCE vulnerabilities, CVE-2020-1425 and CVE-2020-1457, to Microsoft. Both CVEs are related to Microsoft Windows Codecs Library and affect …

Microsoft Windows Defender Elevation of Privilege Vulnerability

For the June 2020 Patch Tuesday, Microsoft published advisories addressing multiple vulnerabilities in Microsoft Windows Defender. CVE-2020-1163 and CVE-2020-1170 were assigned to these vulnerabilities. Microsoft Windows Defender: Microsoft Defender is an anti-malware component of Microsoft Windows, designed to protect computers from viruses, spyware and other forms of malware. CVE-2020-1163 and CVE-2020-1170: An elevation of privilege vulnerability …

Microsoft Windows Adobe Type Manager Library Remote Code Execution zero-day Vulnerability (ADV200006)

Summary: Amidst the global pandemic, a zero-day has been reported in Microsoft Windows. On March 23, Microsoft acknowledged the existence of a critical security vulnerability in multiple versions of Windows and Windows Server, in Adobe Type Manager (ATM) Library, an integrated PostScript font library found in all versions of Windows. Description: …

Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-0668)

Summary: An arbitrary file move vulnerability was found in Windows Service Tracing. A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with SYSTEM level permissions. Description: To exploit the vulnerability, developed by individual researcher Clément Labro, a locally …

Remote Desktop Client Remote Code Execution Vulnerability (CVE-2020-0734, CVE-2020-0681)

Summary: In February 2020, among MSPT, a remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. On account of this vulnerability, an attacker could execute arbitrary code as well as compromise a legitimate server and perform CnC operations. Description: An attacker would need …