Microsoft Releases Update Including Fixes for Remote Code Execution

Author: Melodie Foster

Date: 9th December 2020

As part of Microsoft’s last Patch Tuesday of this year, Microsoft released patches for 58 vulnerabilities earlier this week. Of these vulnerabilities, nine are critical and 46 are rated as important.

While none of these flaws have been reported as being exploited in the wild, they will still need patching, for example, the vulnerability that carries the highest CVSS score, 8.5 would allow for remote code execution in the Hyper-V virtualisation software. There are also three other remote code execution flaws that have been fixed.

In an advisory about the highest rated vulnerability, Microsoft said, “to exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code when it fails to properly validate vSMB packet data.”

Also released this week is guidance to address a vulnerability in the DNS resolver, where Windows recommends changing the maximum UDP packet size to 1221 bytes (equal to 4C5 Hexadecimal), “for responses larger than 4C5 or 1221, the DNS resolver would now switch to TCP.”

The attack relies on sending spoofed UDP messages which will defeat source port being randomised for DNS requests, so by sending a larger number of requests, the DNS queries will switch to TCP and mitigate the flaw.

It is therefore recommended to apply the latest patches. [1]

[1] https://thehackernews.com/2020/12/microsoft-releases-windows-update-dec.html

Other resources

Cyberfort Colocation Services

Cyberfort has invested heavily in secure infrastructure, making us the perfect colocation service provider to host your mission-critical, sensitive and regulated data.
Find out more >

What can Cyberfort do for you?

Check out our factsheets for detailed information on the matrix of cybersecurity products and services we offer to protect your business.
Find out more >

Cyberfort Deep Dives

Cyberfort’s cybersecurity consultants explore issues in cyber threat intelligence, incident planning and data security. Read our whitepapers to help make decisions that benefit your business.
Find out more >

Cookie Name	Expiration Time	Description
_ga	2 years	Used to distinguish users.
_gid	24 hours	Used to distinguish users.
_gat	1 minute	Used to throttle request rate. If Google Analytics is deployed via Google Tag Manager, this cookie will be named _dc_gtm_<property-id>.

_gac_<property-id>	90 days	Contains campaign related information for the user. If you have linked your Google Analytics and Google Ads accounts, Google Ads website conversion tags will read this cookie unless you opt-out.
__hstc	13 months	The main cookie for tracking visitors.
hubspotutk	13 months	This cookie keeps track of a visitor's identity. It is passed to HubSpot on form submission and used when deduplicating contacts.
__hssc	30 minutes	This cookie keeps track of sessions.
__hssrc	End of session	Whenever HubSpot changes the session cookie, this cookie is also set to determine if the visitor has restarted their browser.

Microsoft Releases Update Including Fixes for Remote Code Execution

Author: Melodie Foster

Date: 9th December 2020

Other resources

Cyberfort Colocation Services

What can Cyberfort do for you?

Cyberfort Deep Dives

Recent Posts

Recent Comments

Archives

Categories

Meta