"Microsoft and NSA say a security bug affects millions of Windows 10 computers. Microsoft has released a security patch for a dangerous vulnerability affecting hundreds of millions of computers running Windows 10. The vulnerability is found in a decades-old Windows cryptographic component, known as CryptoAPI." - 14 Jan 2020
There seem to be a lot of issues with this 2/11/2020 release. On two machines upon install, icons were missing, temp profile installed and custom background changed to default Windows. Did not check files, etc. Had to uninstall the update and all returned OK. Lot of similar issues being posted on the Microsoft forum. I sent mine to Feedback Hub. Hopefully some action to resolve.
CVE-2020-0674 is the one other vulnerability that stands out this month, mostly because it has been found exploited in the wild, so its exploitation is not merely theoretical. SophosLabs therefore urges applying the available patches immediately to avoid being compromised by any of those vulnerabilities.
For the February 2020 Patch Tuesday, Microsoft released security updates for Windows 7, 2008 and 2008 R2 systems which are already end of life. Qualys released Patch Tuesday detections (QIDs) which check for these new ESU patches as well.
Microsoft officially ended support for Windows 7, 2008/R2 on January 14, 2020 and provided the ESU (Extended Support Update) program for customers to keep receiving security updates. However, for this Patch Tuesday (February 12, 2020) they issued patches for customers who have ESU enabled and updates for these out-of-support systems.
Earlier this week, Microsoft rolled out its February 2020 Patch Tuesday updates. As we reported yesterday, the rollup included some important fixes, including patching a critical Internet Explorer zero-day. However, it seems some aspects of this month's Patch Tuesday are causing problems.
The important-rated "Microsoft Secure Boot Security Feature Bypass Vulnerability" (CVE-2020-0689) allows an attacker who exploited it, as the name suggests, to bypass the secure boot protection offered by Windows 10. That means they could then load untrusted and potentially malicious software, simply by running a specially crafted application. The good news, part one, is that there is no evidence that this vulnerability has been exploited in the wild. The good news, part two, is that Microsoft has included a fix for this in the Patch Tuesday rollout that blocks vulnerable third-party bootloaders. I'm guessing you are now waiting for the bad news, and here it comes: there are some prerequisites for successfully installing that patch.
All of which is not only recommended but in my never humble opinion essential as the secure boot vulnerability has been publicly disclosed, so there will be threat actors eager to exploit it on unpatched systems. My advice is to go read the Microsoft February 2020 security updates release notes, the security update guide, and the KB articles for your Windows 10 version that are linked from the CVE-2020-0689 details page. The last thing anyone wants is to see this vulnerability end up on the list of ancient Microsoft security flaws that are driving cybercrime in 2020, after all. I'd also advise every user to go read my securing Windows 10 in eight easy steps guide, to ensure you are covering the security basics.
The last actively exploited security flaw that was patched is CVE-2020-1027, found in the way Windows Kernel handles objects in memory. If an attacker with limited system rights exploited this vulnerability, it would allow him to execute malicious code locally and run applications.