Tenable Advises Organisations to Patch Critical Vulnerabilities in Windows TCP/IP Stack


Microsoft patched 87 CVEs in the October 2020 Patch Tuesday release, including 11 CVEs rated critical. This release follows seven consecutive months of over 100 CVEs patched, in what has been an unusually busy year for Microsoft Patch Tuesday updates.

Please find below additional commentary from Satnam Narang, Staff Research Engineer at Tenable. A full analysis by Tenable can be found here.

This month’s Patch Tuesday includes fixes for 87 CVEs, 11 of which are rated critical. This marks the first time since February that Microsoft patched less than 100 CVEs. The most critical vulnerability in this month’s release is CVE-2020-16898, a remote code execution vulnerability in the Windows TCP/IP stack. Dubbed “Bad Neighbor” by researchers at McAfee, the flaw occurs because Windows TCP/IP stack does not properly handle ICMPv6 Router Advertisement packets.

To exploit this vulnerability, an attacker would need to send a malicious ICMPv6 Router Advertisement to their targeted Windows machine. It received a CVSSv3 score of 9.8, the highest score assigned to any vulnerability in this month’s release. Microsoft also patched CVE-2020-16899, a denial of service vulnerability in the Windows TCP/IP stack. Both vulnerabilities were discovered internally by Microsoft and are rated as ‘Exploitation More Likely,’ according to Microsoft’s Exploitability Index. Microsoft also addressed CVE-2020-16896, an information disclosure vulnerability in Windows Remote Desktop Protocol.

While the vulnerability is rated as ‘Important’ and received a CVSSv3 score of 7.5, Microsoft says exploitation is more likely. To exploit the flaw, an attacker would need to connect to a system that is running RDP and send specially crafted requests to it. This information could be used by the attacker for further compromise. RDP is a prime target for cybercriminals, especially those looking to launch ransomware attacks. If an organization is exposing RDP to the Internet, they need to ensure they’ve taken appropriate steps to harden RDP, which includes ensuring all patches are applied in a timely manner.”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: