Our micropatches for Windows and Microsoft Office versions that no longer receive official security fixes

mitja.kolsek -

This article presents the current status of vulnerabilities affecting Windows versions that we have "security adopted" , as well as the current status of our micropatches issued for these vulnerabilities. Note that in order for us to issue a micropatch for a vulnerability, we must consider it high-risk and have a test case ("POC", proof-of-concept) at hand to be able to reproduce and analyze the issue. Accordingly, only vulnerabilities currently eligible for micropatching are included in the table.    

The table below is continually updated with status changes (e.g., if a vulnerability becomes exploited, if our risk assessment changes, when we issue a micropatch) and new eligible vulnerabilities as we become aware of them either through Microsoft's documentation or other sources (e.g., a vulnerability getting published or privately reported to us).

For any questions please contact support@0patch.com.

CVE ID Title Public RCE Exploited Comment 0patch status
CVE-2023-36047 Windows Authentication Elevation of Privilege Vulnerability yes no no POC shared by security researcher

Micropatch issued on 5/30/2024 for Windows 11 v21H2

CVE-2023-35628 Windows MSHTML Platform Remote Code Execution Vulnerability yes yes no POC shared by security researcher

Micropatch issued on 4/25/2024 for Windows 11 v21H2, Windows Server 2012 R2

CVE-2022-38034
CVE-2022-38045
No CVE
Windows Workstation and Server Service Elevation of Privilege Vulnerability yes no no POC shared by security researcher

Micropatch issued on 4/24/2024 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004,

CVE-2023-21771 Windows Local Session Manager Elevation of Privilege yes no no POC shared by security researcher

Micropatch issued on 4/4/2024 for Windows 10 v2004, Windows 10 v21H1

CVE-2024-21320 Leaking NTLM Credentials Through Windows Themes yes no no POC shared by security researcher

Micropatch issued on 4/2/2024 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v20H2, Windows 10 v21H1, Windows 11 v21H2, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2

CVE-2024-21413 Microsoft Outlook "MonikerLink" Remote Code Execution Vulnerability yes yes no POC shared by security researcher

Micropatch issued on 3/15/2024 for Microsoft Office 2010 and 2013

CVE-2023-35636 Microsoft Outlook Information Disclosure Vulnerability yes no no POC shared by security researcher

Micropatch issued on 2/23/2024 for Microsoft Office 2010 and 2013

CVE-2022-37981 Windows Event Log "OverLog" Denial of Service yes no no POC shared by security researcher

Micropatch issued on 2/19/2024 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

No CVE Windows Event Log "LogCrusher" Denial of Service yes no no POC shared by security researcher

Micropatch issued on 2/9/2024 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2023-36003 Microsoft Windows XAML diagnostics API Elevation of Privilege yes no no POC shared by security researcher

Micropatch issued on 2/6/2024 for Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v20H2, Windows 10 v21H1, Windows 11 v21H2

0day "EventLogCrasher" 0day For Remotely Disabling Windows Event Log yes no no POC shared by security researcher

Micropatch issued on 1/31/2024 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v20H2, Windows 10 v21H1, Windows 11 v21H2, Windows Server 2012, Windows Server 2012 R2

CVE-2023-36025
CVE-2024-21412
Windows SmartScreen Security Feature Bypass yes no yes POC shared by security researcher

Micropatch issued on 12/12/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v20H2, Windows 10 v21H1, Windows Server 2012, Windows Server 2012 R2

0day Microsoft Access Forced Authentication Through Firewall yes no no POC shared by security researcher

Micropatch issued on 11/24/2023 for Office 2010, Office 2013, Office 2016, Office 2019, Office 2021 and Office 365

0day Microsoft Office Security Feature Bypass (flawed vendor patch) yes no no Discovered by 0patch team

Micropatch issued on 10/9/2023 for Office 2010, Office 2013, Office 2016, Office 2019, Office 2021 and Office 365

CVE-2023-33150 Microsoft Office Security Feature Bypass yes no no POC shared by security researcher

Micropatch issued on 10/9/2023 for Office 2010 and Office 2013

CVE-2023-36906 Windows CNG Key Isolation Service Information Disclosure yes no no POC shared by security researcher

Micropatch issued on 10/9/2023 for Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v21H1

CVE-2023-28229 Windows CNG Key Isolation Service Elevation of Privilege yes no yes POC shared by security researcher

Micropatch issued on 10/9/2023 for Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v21H1

CVE-2023-36874

 

Windows Error Reporting Service Elevation of Privilege yes no yes Details discussed on social media Micropatch issued on 9/6/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v21H1

CVE-2023-36884

 

Windows Search Remote Code Execution yes yes yes Details discussed on social media Micropatch issued on 9/6/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v21H1

CVE-2023-36884

(mitigation)

Office and Windows HTML Remote Code Execution no yes yes 0day, only mitigations were publicly available; our patch implements the cross-protocol file navigation mitigation. Micropatch issued on 7/21/2023 for all still supported and all security-adopted Windows versions
CVE-2023-21769 Denial of Service in Microsoft Message Queuing yes no no POC shared by security researcher

Micropatch issued on 7/14/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v21H1

CVE-2023-28302 Denial of Service in Microsoft Message Queuing yes no no POC shared by security researcher

Micropatch issued on 7/14/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v21H1

CVE-2023-28231 Remote Code Execution in DHCP Server Service yes yes no POC shared by security researcher

Micropatch issued on 6/30/2023 for Windows Server 2008 R2

CVE-2023-21541 Local Privilege Escalation in Windows Task Scheduler yes no no POC shared by security researchers

Micropatch issued on 6/30/2023 for Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2023-29325 Remote Code Execution in Windows OLE yes yes no POC shared by security researcher

Micropatch issued on 6/5/2023 for Office 2010 and 2013

CVE-2023-21554 "QueueJumper" Remote Code Execution in Microsoft Message Queuing yes yes no POC shared by security researcher

Micropatch issued on 5/30/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10 v21H1

CVE-2023-21880 Local Privilege Escalation in Microsoft Installer yes no no POC shared by security researchers

Micropatch issued on 4/19/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2023-23397
CVE-2023-29324
CVE-2023-35384
CVE-2024-20652
Microsoft Outlook Notification File NTLM Hash Theft yes no yes POC shared by security researchers

Micropatch issued on 3/22/2023 for Outlook 2010

CVE-2023-21716 Microsoft Word Remote Code Execution yes yes no POC shared by security researcher

Micropatch issued on 3/9/2023 for Word 2010

CVE-2022-34689 Windows CryptoAPI Spoofing yes no no POC shared by security researchers

Micropatch issued on 3/1/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2022-41033 Windows COM+ Event System Service Elevation of Privilege Vulnerability yes no yes POC shared by security researchers

Micropatch issued on 3/1/2023 for Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2022-44666 Windows Address Book Remote Code Execution (flawed fix for CVE-2022-44666) yes yes no POC shared by security researchers

Micropatch issued on 2/6/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004, Windows 10v21H1

CVE-2023-21746 Windows "LocalPotato" NTLM Elevation of Privilege yes no no POC shared by security researchers

Micropatch issued on 2/9/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2023-21752 Windows Backup Service Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 1/31/2023 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2022-37973 Windows Local Session Manager (LSM) Denial of Service Vulnerability yes no no POC published by security researcher

Micropatch issued on 1/23/2023 for Windows 10 v2004

CVE-2022-41128 Type confusion in Internet Explorer's JScript9 engine yes yes yes POC published by security researcher

Micropatch issued on 12/19/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2022-35841 Windows Enterprise App Management Service Remote Code Execution yes no no POC published by security researcher

Micropatch issued on 12/1/2022 for Windows 10 v1803, Windows 10 v1809, Windows 10 v1903, Windows 10 v1909, Windows 10 v2004

CVE-2022-44698, CVE-2022-44698 Bypassing MotW Security Warning with Invalid Signature yes no yes POC published by security researcher

Micropatch issued on 10/28/2022 for Windows 10 v1803, Windows 10 v1809, Windows 10 v1903, Windows 10 v1909, Windows 10 v2004 (and other Windows versions up to and including Windows 11 and Server 2022)

CVE-2022-30206 Windows Print Spooler Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 10/26/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1903, Windows 10 v1909, Windows 10 v2004

CVE-2022-21997 Windows Print Spooler Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 10/26/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1903, Windows 10 v1909, Windows 10 v2004

CVE-2022-33647 CVE-2022-33679
CVE-2023-28244

Windows Kerberos Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 10/25/2022 for Server 2008 R2

CVE-2022-41049 "ZippyReads" Bypassing Mark of the Web on Unzipped Files no no yes  

Micropatch issued on 10/16/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1903, Windows 10 v1909, Windows 10 v2004 (and other Windows versions up to and including Windows 11 and Server 2022)

CVE-2022-34721 Windows IKE Extension Remote Code Execution yes yes no POC published by security researcher

Micropatch issued on 10/5/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1903, Windows 10 v1909, Windows 10 v2004

CVE-2022-35756 Windows Kerberos Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 9/30/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1903, Windows 10 v1909, Windows 10 v2004

CVE-2022-35742 Memory Corruption in Microsoft Outlook yes potentially no POC published by security researcher

Micropatch issued on 9/14/2022 for Outlook 2010

CVE-2022-21849 Windows IKE Extension Remote Code Execution yes yes no POC published by security researcher

Micropatch issued on 9/8/2022 for Windows 10 v1803, Windows 10 v1809, Windows 10 v2004

CVE-2022-30166 Local Privilege Escalation in LSASS yes no no POC published by security researcher

Micropatch issued on 8/31/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

Unknown Print Spooler SplEnumForms Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 8/31/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v2004

0day / wontfix "KrbRelay" Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 8/10/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

0day / wontfix Windows Distributed File System "DFSCoerce" Privilege Escalation yes yes no POC published by security researcher

Micropatch issued on 6/27/2022 for Server 2008 R2

0day / wontfix Windows Print Spooler "PrinterBug/SpoolSample" Privilege Escalation yes yes yes POC published by security researcher

Micropatch issued on 6/27/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2022-34713 Microsoft Diagnostic Tool "DogWalk" Package Path Traversal yes yes no POC published by security researcher

Micropatch issued on 6/7/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2022-30190 "Follina" Microsoft Diagnostic Tool Remote Code Execution yes yes yes Exploit found in the wild

Micropatch issued on 6/1/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v1909, Windows 10 v2004

CVE-2022-26809
CVE-2022-22019
Remote Procedure Call Runtime Integer Overflows (Remote code execution) yes yes no POC published by security researcher

Micropatch issued on 5/17/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v2004

CVE-2022-21990 Remote Desktop Client Remote Code Execution yes yes no POC published by security researcher

Micropatch issued on 5/10/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v2004

CVE-2022-21974 Roaming Security Rights Management Services Remote Code Execution yes yes no POC published by security researcher

Micropatch issued on 3/10/2022 for Windows 10 v1803, Windows 10 v1809, Windows 10 v2004

CVE-2022-21971 Windows Runtime Remote Code Execution yes yes no POC published by security researcher

Micropatch issued on 3/10/2022 for Windows 10 v1803, Windows 10 v1809, Windows 10 v2004

CVE-2022-21999 "SpoolFool" Windows Print Spooler Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 3/9/2022 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809, Windows 10 v2004

CVE-2021-42278 Active Directory Domain Services Elevation of Privilege yes no no POC published by security researcher

Micropatch issued on 2/17/2022 for Windows Server 2008 R2

0day / wontfix "RemotePotato0" Local Privilege Escalation yes no no POC published by security researchers

Micropatch issued on 1/12/2022 for Windows 10 v1803, Windows 10 v1809, Windows 7 and Server 2008 R2

CVE-2021-43883 "InstallerFileTakeOver" Windows Installer Local Privilege Escalation yes no yes POC published by security researcher

Micropatch issued on 12/2/2021 for Windows 10 v1803, Windows 10 v1809 (Windows 7 and Server 2008 R2 without ESU are not affected)

CVE-2021-24084 Local Privilege Escalation in Mobile Device Management Service yes no no POC published by security researcher

Micropatch issued on 11/26/2021 for Windows 10 v1809 (Windows 7, Windows Server 2008 R2, and Windows 10 v1803 not exploitable)

CVE-2021-40469 Remote Code Execution in DNS Service yes yes no POC published by security researcher

Micropatch issued on 11/19/2021 for Windows Server 2008 R2

CVE-2021-34484 Local Privilege Escalation in User Profile Service yes no no POC published by security researcher

Micropatch issued on 11/10/2021 for Windows 10 v1809 (Windows 7, Windows Server 2008 R2, and Windows 10 v1803 likely not exploitable)

CVE-2021-34480 Memory Corruption in Windows Scripting Engine yes yes no POC published by security researcher

Micropatch issued on 10/11/2021 for Windows 7, Windows Server 2008 R2, Windows 10 v1803, Windows 10 v1809

CVE-2021-40444 Windows MSHTML Remote Code Execution yes yes yes Public exploit available

Micropatch issued on 9/27/2021 for Windows 10 v1803, Windows 10 v1809

CVE-2021-33742 Windows MSHTML Remote Code Execution yes yes yes POC published by security researcher

Micropatch issued on 8/23/2021 for Windows 10 v1803, Windows 10 v1809

CVE-2021-36942 "PetitPotam" NTLM Relay Vulnerability yes yes no POC published by security researcher

Micropatch issued on 8/6/2021 for Windows Server 2008 R2

N/A (0day) "Malicious Printer Driver" Vulnerability yes yes no POC published by security researcher

Micropatch issued on 8/5/2021 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809

CVE-2020-0787 Microsoft Windows Background Intelligent Transfer Service Elevation of Privilege yes no yes POC published by security researcher

Micropatch issued on 8/2/2021 for Windows 7 and Server 2008 R2

CVE-2021-34527 "PrintNightmare" Print Spooler Remote Code Execution yes yes yes POC published by security researcher

Micropatch issued on 7/2/2021 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809

CVE-2021-31959 Remote Code Execution Issue in Internet Explorer yes yes no POC published by security researcher

Micropatch issued on 6/14/2021 for Windows 7, Server 2008 R2, Windows 10 v1803, Windows 10 v1809

CVE-2021-26419 Remote Code Execution Issue in Internet Explorer yes yes no POC published by security researcher

Micropatch issued on 5/18/2021 for Windows 7 and Server 2008 R2

CVE-2021-26415 Windows Installer Local Privilege Escalation yes no no POC published by security researcher Micropatch issued on 5/6/2021 for Windows 7 and Server 2008 R2
CVE-2021-26897 Windows DNS Server SIG Record Buffer Overflow yes yes no POC recreated from public data

Micropatch issued on 3/23/2020 for Windows Server 2008 R2 (Windows 7 is not affected)

CVE-2021-26877 Windows DNS Server TXT Record Out-Of-Bounds Read yes yes no POC recreated from public data

Micropatch issued on 3/23/2021 for Windows Server 2008 R2 (Windows 7 is not affected)

CVE-2021-26411 Internet Explorer HTML Attribute nodeValue Double Free yes yes yes POC published by security researchers, exploited in an attack campaign against security researchers

Micropatch issued on 2/11/2021 for Windows 7 and Server 2008 R2

CVE-2020-1030 Windows Print Spooler Elevation of Privilege yes no no POC published by security researcher Micropatch issued on 2/9/2021 for Windows 7 and Server 2008 R2
CVE-2021-1727 Windows Installer Local Privilege Escalation yes no no POC published by security researcher Micropatch issued on 1/28/2021 for Windows 7 and Server 2008 R2
CVE-2020-1013 WSUS Spoofing Local Privilege Escalation yes no no POC published by security researcher Micropatch issued on 12/23/2020 for Windows 7 and Server 2008 R2
CVE-2020-17001 Windows Print Spooler Elevation of Privilege yes no no POC published by security researcher Micropatch issued on 12/2/2020 for Windows 7 and Server 2008 R2
CVE-2021-27091
N/A (0day)
Windows RpcEptMapper and Dnscache Service Insecure Registry Permissions EoP yes no no POC published by security researcher. Microsoft fixed the issue for RpcEptMapper (CVE-2021-27091) with April 2021 updates but Dnscache is still affected Micropatch issued on 11/25/2020 for Windows 7 and Server 2008 R2
CVE-2020-1300 Windows Cabinet File Directory Traversal yes yes no POC published by security researcher

Micropatch issued on 11/17/2020 for Windows 7 and Server 2008 R2

CVE-2021-1640 Windows Print Spooler Arbitrary File Creation no no no Vulnerability discovered by the 0patch team and reported to Microsoft. (Microsoft fixed it after 130+ days.)

Micropatch issued on 10/27/2020 for Windows 7 and Server 2008 R2

CVE-2020-0968 Scripting Engine Memory Corruption yes yes no POC published by security researcher

Micropatch issued on 10/16/2020 for Windows 7 and Server 2008 R2

CVE-2020-1062 Scripting Engine Memory Corruption yes yes no POC published by security researcher

Micropatch issued on 10/16/2020 for Windows 7 and Server 2008 R2

CVE-2020-1472 Microsoft Netlogon Elevation of Privilege ("Zerologon") yes no yes POC published by security researchers, exploited in various ransomware campaigns

Micropatch issued on 9/17/2020 for Windows Server 2008 R2

CVE-2020-1380 Scripting Engine Memory Corruption yes yes yes POC published by security researchers, exploited in Operation PowerFall

Micropatch issued on 9/14/2020 for Windows 7 and Server 2008 R2

CVE-2020-1530 Windows Remote Access Phonebook Use-After-Free yes yes no POC published by security researcher

Micropatch issued on 9/9/2020 for Windows 7 and Server 2008 R2

(Note that the vulnerability exists in two places, each in its own DLLs, which is why each Windows platform has two micropatches.)

CVE-2020-1337 Windows Print Spooler Elevation of Privilege Vulnerability yes no no POC published by security researcher Micropatch issued on 9/1/2020 for Windows 7 and Server 2008 R2
CVE-2020-1113 Windows Task Scheduler Security Feature Bypass yes yes no POC published by security researcher Micropatch issued on 8/11/2020 for Windows Server 2008 R2
CVE-2020-1350 Windows DNS Server Remote Code Execution VulnerabilityWindows DNS Server Remote Code Execution Vulnerability yes yes no POC published by security researcher Micropatch issued on 7/17/2020 for Windows Server 2008 R2
CVE-2020-0662 Memory Corruption in Windows DHCP Message Processing yes yes no POC published by security researcher Micropatch issued on 7/16/2020 for Windows 7 and Server 2008 R2
CVE-2020-1299 LNK Remote Code Execution Vulnerability no yes no POC provided by security researcher Micropatch issued on 6/26/2020 for Windows 7 and Server 2008 R2
CVE-2020-1281 OLE Remote Code Execution Vulnerability yes yes no POC published by researcher Micropatch issued on 6/16/2020 for Windows 7 and Server 2008 R2
CVE-2020-1015 User-Mode Power Service Memory Corruption yes no no POC published by researcher Micropatch issued on 5/27/2020 for Windows 7 and Server 2008 R2
CVE-2020-1048 Print Spooler Elevation of Privilege ("PrintDemon") yes no yes POC published by researcher Micropatch issued on 5/20/2020 for Windows 7 and Server 2008 R2
CVE-2020-0687 Microsoft Graphics Remote Code Execution Vulnerability no yes no POC provided by security researcher Micropatch issued on 4/22/2020 for Windows 7 and Server 2008 R2
CVE-2020-0729 LNK Remote Code Execution Vulnerability yes yes no User must be tricked into opening a folder under attacker's control (e.g., from a remote share or a USB key). Stuxnet exploited a similar vulnerability. Micropatch issued on 4/3/2020 for Windows 7 and Server 2008 R2
CVE-2020-0938, CVE-2020-1020 Type 1 Font Parsing Remote Code Execution Vulnerability no yes yes Initially a 0day, fixed by Microsoft with April 2020 updates. Micropatch issued on 3/27/2020 for Windows 7 and Server 2008 R2 - this micropatch prevents the processing of Type 1 PostScript fonts
CVE-2020-0668 Windows Service Tracing Elevation of Privilege Vulnerability yes no no POC published by researcher Micropatch issued on 3/20/2020 for Windows 7 and Server 2008 R2
CVE-2020-0881 GDI+ Remote Code Execution Vulnerability no yes no POC obtained Micropatch issued on 3/19/2020 for Windows 7 and Server 2008 R2
CVE-2020-0683 Windows Installer Elevation of Privilege Vulnerability yes no no POC published by researcher Micropatch issued on 3/12/2020 for Windows 7 and Server 2008 R2
CVE-2020-0674 Scripting Engine Memory Corruption Vulnerability yes yes yes Found exploited in the wild in limited attacks; vendor initially provided a workaround; we created a micropatch to implement the same workaround without side effects

Micropatch issued on 2/19/2020 for Windows 7 / Server 2008 R2, and previous "temporary workaround" micropatch (402) revoked for these platforms

Micropatch issued on 2/21/2020 for Windows 10 v1903/v1909 and previous "temporary workaround" micropatch (407) revoked for these platforms

Note: this micropatch modifies the behavior of JScript function sort such that calling it with a callback function will behave as if it was called without one (i.e., sort will always perform a string-based sort). We assess this will affect a small number of applications, and not in a critical way.

("Temporary workaround" micropatches 403, 404, 405, 407 remain in place for other platforms.)

             
 

 

Have more questions? Submit a request

2 Comments

  • 0
    Avatar
    bg4ashak

    Newby here.  I have an account (obviously), where do I find downloadable Win-7 25 November 2020 micropatch?

  • 2
    Avatar
    bg4ashak

    Found it!

Please sign in to leave a comment.