Microsoft Monthly Security Update (Feb 2020)
[Updated on 2024-09-19]
Updated Description, Source and Related Links.
CVE-2020-0618 vulnerability is exploited in the wild. A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.
Microsoft has released monthly security update for their products:
| Vulnerable Product | Risk Level | Impacts | Notes |
| Browser |  Extremely High Risk | Information Disclosure Remote Code Execution Elevation of Privilege | Exploited in the wild: CVE-2020-0674 |
| Device |  Medium Risk | Security Restriction Bypass | |
| Exchange Server | Medium Risk | Remote Code Execution Elevation of Privilege | |
| Microsoft Office | Medium Risk | Data Manipulation Remote Code Execution Spoofing Security Restriction Bypass | |
| SQL Server | Extremely High Risk | Remote Code Execution | CVE-2020-0618 is exploited in the wild. A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account. |
| System Center | Medium Risk | Elevation of Privilege | |
| Windows | Medium Risk | Denial of Service Remote Code Execution Elevation of Privilege Information Disclosure Security Restriction Bypass |
Number of ‘Extremely High Risk’ product(s): 2
Number of ‘High Risk’ product(s): 0
Number of ‘Medium Risk’ product(s): 5
Number of ‘Low Risk’ product(s): 0
Evaluation of overall ‘Risk Level’: Extremely High Risk
RISK: Extremely High Risk
TYPE: Operating Systems – Windows OS
Impact
- Denial of Service
- Remote Code Execution
- Elevation of Privilege
- Security Restriction Bypass
- Information Disclosure
- Spoofing
- Data Manipulation
System / Technologies affected
- Browser
- Device
- Exchange Server
- Microsoft Office
- SQL Server
- System Center
- Windows
Solutions
Before installation of the software, please visit the vendor web-site for more details.
- Apply fixes issued by the vendor.
Vulnerability Identifier
Source
Related Link
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
