Patch Tuesday November - 2020

Copyright © 2020 Ivanti. All rights reserved.
Patch Tuesday Webinar
Wednesday, November 11, 2020
Hosted by: Chris Goettl & Todd Schell
Dial in: 1-877-668-4490 (US)
Event ID: 133 543 6030

Agenda
November 2020 Patch Tuesday Overview
In the News
Bulletins and Releases
Between Patch Tuesdays
Q & A
1
2
3
4
5

Copyright © 2020 Ivanti. All rights reserved.Copyright © 2020 Ivanti. All rights reserved.
Overview

In the News

Exploits Abound! Only one from Patch Tuesday
 Apple patches three zero day vulnerabilities:
 https://arstechnica.com/information-technology/2020/11/apple-patches-ios-against-3-
actively-exploited-0days-found-by-google/
 https://tidbits.com/2020/11/05/apple-updates-numerous-operating-systems-for-exploited-
security-vulnerabilities/
 NSA Cyber Security Advisory outlines 25 CVEs commonly exploited by Chinese State-
Sponsored Actors
 https://www.darkreading.com/threat-intelligence/nsa-reveals-the-top-25-vulnerabilities-
exploited-by-chinese-nation-state-hackers/d/d-id/1339226
 https://media.defense.gov/2020/Oct/20/2002519884/-1/-
1/0/CSA_CHINESE_EXPLOIT_VULNERABILITIES_UOO179811.PDF
 3 Google Chrome zero days resolved
 Oct 20: Google Chrome CVE-2020-15999 (Win, Mac, Linux), Nov 2: Google Chrome CVE-
2020-16009 (Win, Mac, Linux), Nov 10: Google Chrome for Android CVE-2020-16010
 https://www.welivesecurity.com/2020/11/03/google-squashes-two-more-chrome-bugs-
active-attacks/

Exploited and Publicly Disclosed
 CVE-2020-17087 Windows Kernel Local Elevation of Privilege
Vulnerability
 https://attivonetworks.com/privilege-escalation-cve-2020-17087-cve-2020-15999/
 https://www.helpnetsecurity.com/2020/11/02/cve-2020-17087/
Source: Microsoft

20H2 Feature Release
 Official release on October 20, 2020
 https://docs.microsoft.com/en-us/windows/whats-new/whats-new-windows-10-version-
20h2
 https://support.microsoft.com/en-us/help/4562830/feature-update
 https://techcommunity.microsoft.com/t5/windows-it-pro-blog/simplifying-on-premises-
deployment-of-servicing-stack-updates/ba-p/1646039
 https://docs.microsoft.com/en-us/windows/release-information/status-windows-10-
20h2

Adobe Flash End of Life
 December 31st is the official End of Life of Adobe Flash
 https://www.adobe.com/products/flashplayer/end-of-life.html
 Adobe Enterprise EoL Page
 https://www.adobe.com/products/flashplayer/enterprise-end-of-life.html
 Flash Uninstall Tools:
 https://www.pcgamer.com/uk/windows-tool-permanently-remove-adobe-
flash/ (once you remove it is hard to get it back)
 https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-
windows.html
 https://support.microsoft.com/en-us/help/4577586/update-for-removal-
of-adobe-flash-player
 The Microsoft Flash Uninstall tool is available in Ivanti content under Security Tools
Source: Microsoft

Recorded Demo: https://player.vimeo.com/video/458359714
2020.2 Most Requested: Intune Integration
Capabilities include:
• Direct upload to
Intune via native co-
management API
• Initial set of popular
applications to
confirm stability in
diverse environments
• Hybrid support as
customers migrate
from on-premise
MECM to cloud-
driven Intune
MEM Admin can select from a list of available updates of supported applications. Selected
updates are imported into MECM or Intune for distribution and execution on managed endpoints.
Patch Binaries
Patch Content
Check out our Microsoft Ignite page

Microsoft Patch Tuesday Updates of Interest
 Advisory 990001 Latest Servicing Stack Updates (SSU)
 https://msrc.microsoft.com/update-guide/en-US/vulnerability/ADV990001
 Updated SSUs this month
 Windows 10 1809/Server 2019
 Windows 10 1903-20H2
 Windows Server, versions 1903-20H2
 Development Tool and Other Updates
 Azure DevOps Server 2019
 Azure Sphere
 Microsoft Visual Studio 2017
 Visual Studio Code
Source: Microsoft

Windows 10 Lifecycle Awareness
 Windows 10 Branch Support
Source: Microsoft

Windows 10 Lifecycle Awareness (cont)
 Enterprise LTSB/LTSC Support
 Complete Lifecycle Fact Sheet
 https://docs.microsoft.com/en-us/lifecycle/faq/windows
 https://docs.microsoft.com/en-us/lifecycle/products/windows-server
 https://docs.microsoft.com/en-us/lifecycle/products/windows-10-enterprise-
and-education
Source: Microsoft

Patch Content Announcements
 Announcements Posted on Community Forum Pages
 https://forums.ivanti.com/s/group/CollaborationGroup/00Ba0000009oKICEA2
 Subscribe to receive email for the desired product(s)

Bulletins and Releases

MFSA -2020-49: Security Update Firefox 82.0.3,
Firefox ESR 78.4.1, and Thunderbird 78.4.2
 Maximum Severity: Critical
 Affected Products: Security Update Firefox, Firefox ESR, and Thunderbird
 Description: These updates from Mozilla address a critical vulnerability in the listed
applications. This vulnerability could be used to run attacker code and install software
on the targeted machine.
 Impact: Remote Code Execution
 Fixes 1 Vulnerability: CVE-2020-26950
 Restart Required: Requires application restart
 Known Issues: None

MS20-11-W10: Windows 10 Update
 Affected Products: Microsoft Windows 10 Versions 1607, 1709, 1803, 1809, 1903,
1909, 2004, 20H2, Server 2016, Server 2019, Server version 1709, Server version
1803, Server version 2004, IE 11, Legacy Edge and Edge Chromium
 Description: This bulletin references 10KB articles. See KBs for the list of changes.
 Impact: Remote Code Execution, Security Feature Bypass, Spoofing, Denial of
Service, Elevation of Privilege and Information Disclosure
 Fixes 59 Vulnerabilities: CVE-2020-17087 is publicly disclosed and known
exploited. See the Security Update Guide for the complete list of CVEs.
 Restart Required: Requires restart
 Known Issues: See next slides

November Known Issues for Windows 10
 KB 4586830 – Windows 10, Version 1607 and Server 2016
 [Min Password] After installing KB4467684, the cluster service may fail to start with
the error “2245 (NERR_PasswordTooShort)” if the group policy “Minimum
Password Length” is configured with greater than 14 characters. Workaround:
Set the domain default "Minimum Password Length" policy to less than or equal to
14 characters. Microsoft is working on a resolution.
 KB 4586793 – Windows 10, Version 1809, Server 2019 All Versions
 [Asian Packs] After installing KB 4493509, devices with some Asian language
packs installed may receive the error, "0x800f0982 -
PSFX_E_MATCHING_COMPONENT_NOT_FOUND.“ Workaround: Uninstall
and reinstall any recently added language packs or select Check for Updates and
install the April 2019 Cumulative Update. See KB for more recovery details.
Microsoft is working on a resolution.

November Known Issues for Windows 10 (cont)
 KB 4586786 – Windows 10 version 1903, Windows Server version
1903, Windows 10 version 1909, Windows Server version 1909
 [Outdated Updates] System and user certificates might be lost when updating a
device from Windows 10, version 1809 or later to a later version of Windows 10.
This primarily happens when managed devices are updated using outdated
bundles or media through an update management tool such as Windows Server
Update Services (WSUS) or Microsoft Endpoint Configuration Manager.
Note: Devices using Windows Update for Business or that connect directly to
Windows Update are not impacted.
Workaround: If you have already encountered this issue on your device, you can
mitigate it within the uninstall window by going back to your previous version of
Windows. The uninstall window might be 10 or 30 days depending on the
configuration of your environment and the version you’re updating to. See
directions here.
Microsoft is working on a resolution.

November Known Issues for Windows 10 (cont)
 KB 4586781 – Windows 10 version 2004, Windows Server version
2004, Windows 10 version 20H2, Windows Server version 20H2
 [Editor] Users of the Microsoft Input Method Editor (IME) for Japanese or Chinese
languages might experience issues when attempting various tasks. You might
have issues with input, receive unexpected results, or might not be able to enter
text.
For more information about the issues, workaround steps, and the currently
resolved issues, please see KB 4564002.
 [Outdated Updates]

MS20-11-IE: Security Updates for Internet Explorer
 Affected Products: IE 11
 Description: The fixes that are included in the cumulative Security Update for
Internet Explorer are also included in the November 2020 Security Monthly Quality
Rollup. Installing either the Security Update for Internet Explorer or the Security
Monthly Quality Rollup installs the fixes that are in the cumulative update. This bulletin
references 10 KB articles.
 Impact: Remote Code Execution
 Fixes 3 Vulnerabilities: No CVEs are publicly disclosed or known exploited. CVE-
2020-17052, CVE-2020-17053 and CVE-2020-17058 are fixed in IE 11.
 Restart Required: Requires browser restart
 Known Issues: None reported

MS20-11-MR2K8-ESU: Monthly Rollup for Windows Server 2008
 Affected Products: Microsoft Windows Server 2008 and IE 9
 Description: This security update includes improvements and fixes that were a part
of update KB 4580378 (released October 13, 2020. Bulletin is based on KB 4586807.
Security updates to Windows Graphics, Windows Silicon Platform, Windows
Authentication, Windows Core Networking, Windows Peripherals, Windows Network
Security and Containers, and Windows Hybrid Storage Services.
 Impact: Remote Code Execution, Spoofing, Elevation of Privilege and Information
Disclosure
 Known Issues: [File Rename] See next slide.

November Known Issues for Server 2008
 KB 4586807 – Windows Server 2008 (Monthly Rollup)
 [File Rename] Certain operations, such as rename, that you perform on files or folders that
are on a Cluster Shared Volume (CSV) may fail with the error,
“STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform
the operation on a CSV owner node from a process that doesn’t have administrator
privilege. Workaround: Perform the operation from a process that has administrator
privilege or perform the operation from a node that doesn’t have CSV ownership. Microsoft
is working on a resolution.
 KB 4586817 – Windows Server 2008 (Security-only Update)
 [File Rename]

MS20-11-SO2K8-ESU: Security-only Update for Windows Server 2008
 Affected Products: Microsoft Windows Server 2008
 Description: Bulletin is based on KB 4580385. Security updates to Windows
Graphics, Windows Silicon Platform, Windows Authentication, Windows Core
Networking, Windows Peripherals, Windows Network Security and Containers, and
Windows Hybrid Storage Services..
 Impact: Remote Code Execution, Spoofing, Elevation of Privilege and Information
Disclosure
 Known Issues: [File Rename] See previous slide.

MS20-11-MR7-ESU: Monthly Rollup for Win 7
MS20-11-MR2K8R2-ESU Monthly Rollup for Server 2008 R2
 Affected Products: Microsoft Windows 7, Server 2008 R2, and IE
of update KB 4580345 (released October 13, 2020). Bulletin is based on KB 4586827.
Security and Containers, Windows Hybrid Storage Services, and Windows Remote
Desktop.
 Impact: Remote Code Execution, Denial of Service, Spoofing, Elevation of Privilege
and Information Disclosure
 Fixes 20 + 3 IE Vulnerabilities: CVE-2020-17087 is publicly disclosed and known
 Known Issues: [File Rename]

MS20-11-SO7-ESU: Security-only Update for Win 7
MS20-11-SO2K8R2-ESU: Security-only Update for Server 2008 R2
 Affected Products: Microsoft Windows 7 and Server 2008 R2
Networking, Windows Peripherals, Windows Network Security and Containers,
Windows Hybrid Storage Services, and Windows Remote Desktop.
 Impact: Remote Code Execution, Denial of Service, Spoofing, Elevation of Privilege
and Information Disclosure

MS20-11-MR8: Monthly Rollup for Server 2012
 Affected Products: Microsoft Windows Server 2012 and IE
 Description: This security update includes improvements and fixes that were a part of
update KB 4580382 (released October 13, 2020). Bulletin is based on KB 4586834.
Security and Containers, Windows Hybrid Storage Services, and Windows Remote
Desktop.
 Impact: Remote Code Execution, Security Feature Bypass, Spoofing, Elevation of
Privilege and Information Disclosure

MS20-11-SO8: Security-only Update for Windows Server 2012
 Affected Products: Microsoft Windows Server 2012
 Impact: Remote Code Execution, Security Feature Bypass, Spoofing, Elevation of
Privilege and Information Disclosure

MS20-11-MR81: Monthly Rollup for Win 8.1 and Server 2012 R2
 Affected Products: Microsoft Windows 8.1, Server 2012 R2, and IE
of update KB 4580347 (released October 13, 2020). Bulletin is based on KB 4586845.
Security and Containers, Windows Hybrid Storage Services, Windows Remote
Desktop, and Microsoft Scripting Engine.
 Impact: Remote Code Execution, Security Feature Bypass, Denial of Service,
Spoofing, Elevation of Privilege and Information Disclosure

MS20-11-SO81: Security-only Update for Win 8.1 and Server 2012 R2
 Affected Products: Microsoft Windows 8.1, Server 2012 R2
 Impact: Remote Code Execution, Security Feature Bypass, Denial of Service,
Spoofing, Elevation of Privilege and Information Disclosure

MS20-11-EXCH: Security Updates for Exchange Server
 Maximum Severity: Important
 Affected Products: Microsoft Exchange Server 2013 - 2019
 Description: This security update fixes vulnerabilities in Microsoft
Exchange. This bulletin is based on KB 4588741.
 Impact: Remote Code Execution and Denial of Service
 Fixes 3 Vulnerabilities: No CVEs are publicly disclosed or known
exploited. CVE-2020-17083, CVE-2020-17084, and CVE-2020-17085
are fixed in this release.
 Known Issues: Must install update with administrator privileges

MS20-11-SPT: Security Updates for SharePoint Server
 Affected Products: Microsoft SharePoint Enterprise Server 2013 & 2016, Microsoft
SharePoint Foundation Server 2010 and 2013, and Microsoft SharePoint Server 2010
& 2019
 Description: This security update resolves vulnerabilities in Microsoft Office that
could allow remote code execution if a user opens a specially crafted Office file. This
bulletin is based on 6 KB articles.
 Impact: Remote Code Execution, Spoofing, and Information Disclosure
2020-16979, CVE-2020-17015, CVE-2020-17016, CVE-2020-17017, CVE-2020-
17060, and CVE-2020-17061 are fixed in this release.

MS20-11-OFF: Security Updates for Microsoft Office
 Affected Products: Excel 2010-2016, Office 2010-2016, Word 2010-2016, Office
2019 for macOS, Teams, and Office Web Applications
 Description: This security update resolves multiple vulnerabilities in Microsoft Office
applications. Consult the Security Guide for specific details on each. This bulletin
references 16 KB articles plus release notes for MacOS.
 Impact: Remote Code Execution and Security Feature Bypass
2020-17019, CVE-2020-17020, CVE-2020-17062, CVE-2020-17064, CVE-2020-
17065, CVE-2020-17066, CVE-2020-17067 and CVE-2020-17091 are fixed.

MS20-11-O365: Security Updates Microsoft 365 Apps and Office 2019
 Affected Products: Microsoft 365 Apps, Office 2019
 Description: This month’s update resolved various bugs and performance issues in
Microsoft 365 Apps and Office 2019 applications. Information on Microsoft 365 Apps
security updates is available at https://docs.microsoft.com/en-
us/officeupdates/microsoft365-apps-security-updates.
 Impact: Remote Code Execution, Security Feature Bypass, and Spoofing
2020-17020, CVE-2020-17062, CVE-2020-17063, CVE-2020-17064, CVE-2020-
17065, CVE-2020-17067 are fixed.

Between Patch Tuesdays

Release Summary
 Security Updates: AdoptOpenJDK JDK (1), AdoptOpenJDK JRE (1), Adobe Acrobat and
Reader (1), Google Chrome (2), Amazon Corretto 8 (2), Amazon Corretto 11 (1), Falcon sensor
for Windows (1), Firefox (2), Firefox ESR (2), Plex Media Server (1), Thunderbird (1), VMware
Horizon Client (1)
 Non-Security Updates: iTunes (1), Apple Mobile Device Support (1), Bandicut (3),
BlueJeans (4), Box Drive (1), Camtasia (2), Ccleaner (2), Citrix Workspace app (2), Dropbox
(2), Firefox (2), FileZilla Client (2), Falcon sensor for Windows (1), Google Backup and Sync (2),
Google Chrome (1), GIT for windows (3), GOM Player (1), GoodSync (7), GoToMeeting (1),
IrfanView (1), Java 8 (1), Jabra Direct (2), Java Development Kit (2), LibreOffice (2), LogMeIn
(1), Malwarebytes (2), Foxit Reader Enterprise (2), Nitro Pro (2), Node.JS (6), Notepad++ (1),
Opera Browser (7), VirtualBox (1), PDF-Xchange PRO (1), Paint.net (1), Plantronics Hub (3),
Plex Media Server (1), RingCentral App (Machine-Wide Installer) (3), Skype (1), Slack Machine-
Wide Installer (2), Snagit (1), Splunk Universal Forwarder (1), Tableau Desktop (7), Tableau
Reader (1), Thunderbird (2), TortoiseHG (1), TeamViewer (2), VMWare Tools (1), Cisco WebEx
Teams (1), WinSCP (1), Wireshark (2), XnView (1), Zoom Client (3), Zoom Outlook Plugin (1)

Third Party CVE Information
 Adobe Acrobat and Reader
 APSB20-67
 Fixes 14 Vulnerabilities: CVE-2020-24426, CVE-2020-24427, CVE-2020-24428,
CVE-2020-24429, CVE-2020-24430, CVE-2020-24431, CVE-2020-24432, CVE-
2020-24433, CVE-2020-24434, CVE-2020-24435, CVE-2020-24436, CVE-2020-
24437, CVE-2020-24438, CVE-2020-24439
 Amazon Corretto 8 Update 272
 CORRETTO8-272, QCORRETTO8272
2020-14803
 Amazon Corretto 8 Update 275
CVE-2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798

Third Party CVE Information (cont)
 Amazon Corretto 11 version 11.0.9.11.1
2020-14803
 VMware Horizon Client 5.5
 VMWH5-201014, QVMWH550
 Falcon sensor for Windows 6.12.12601
 CSFS-201023, QFS61212601

 Firefox 82.0
 FF-201020, QFF820
CVE-2020-15682, CVE-2020-15683, CVE-2020-15684, CVE-2020-15969
 Firefox ESR 78.4.0
 FFE-201020, QFFE7840
 Fixes 2 Vulnerabilities: CVE-2020-15683, CVE-2020-15969
 Plex Media Server 1.20.3.3483
 PLXS-201023, QPLXS12033483
 Thunderbird 78.4.0
 TB-201022, QTB7840
 Fixes 2 Vulnerabilities: CVE-2020-15683, CVE-2020-15969

 Google Chrome 86.0.4240.111
 CHROME-201020, QGC860424111
 Fixes 13 Vulnerabilities: CVE-2020-13871, CVE-2020-15358, CVE-2020-15993, CVE-
2020-15994, CVE-2020-15995, CVE-2020-15996, CVE-2020-15997, CVE-2020-15998,
CVE-2020-15999, CVE-2020-16000, CVE-2020-16001, CVE-2020-16002, CVE-2020-
16003
 Google Chrome 86.0.4240.183
 CHROME-201102, QGC860424183
2020-16007, CVE-2020-16008, CVE-2020-16009, CVE-2020-16011
 AdoptOpenJDK JDK 8.0.272.10 and AdoptOpenJDK JRE 8.0.272.10
 ADPTOJDK8-201024 and ADPTOJRE8-201024
 QAOJDK8027210 and QAOJRE8027210
2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798

 AdoptOpenJDK JDK 11.0.9.11 and AdoptOpenJDK JRE 11.0.9.11
 ADPTOJDK11-201024 and ADPTOJRE11-201024
 QAOJDK110911 and QAOJRE110911
2020-14792, CVE-2020-14796, CVE-2020-14797, CVE-2020-14798, CVE-2020-14803

Q & A

Patch Tuesday November - 2020

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Ähnlich wie Patch Tuesday November - 2020

Ähnlich wie Patch Tuesday November - 2020 (20)

Mehr von Ivanti

Mehr von Ivanti (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Patch Tuesday November - 2020

Hinweis der Redaktion