Status of Windows 7 and Windows Server 2008 R2 micropatches

mitja.kolsek -

This article presents the current status of vulnerabilities affecting Windows 7 and Windows Server 2008 R2 after their end of support on January 14, 2020, as well as the current status of our micropatches issued for these vulnerabilities. Note that in order for us to issue a micropatch for a vulnerability, we must consider it high-risk and have a test case ("POC", proof-of-concept) at hand to be able to reproduce and analyze the issue.      

The table below will be continually updated with status changes (e.g., if a vulnerability becomes exploited, if our risk assessment changes, when we issue a micropatch) and new vulnerabilities as we become aware of them either through Microsoft's documentation or other sources (e.g., a vulnerability getting published or privately reported to us).

For any questions please contact support@0patch.com.

 
CVE ID Title Public RCE Exploited Comment 0patch status
CVE-2020-0674 Scripting Engine Memory Corruption Vulnerability yes yes yes Found exploited in the wild in limited attacks; vendor initially provided a workaround; we created a micropatch to implement the same workaround without side effects

Micropatch issued on 2/19/2020 for Windows 7 / Server 2008 R2, and previous "temporary workaround" micropatch (402) revoked for these platforms

Note: this micropatch modifies the behavior of JScript function sort such that calling it with a callback function will behave as if it was called without one (i.e., sort will always perform a string-based sort). We assess this will affect a small number of applications, and not in a critical way.

("Temporary workaround" micropatches 403, 404, 405, 407 remain in place for other platforms.)

CVE-2020-0683 Windows Installer Elevation of Privilege Vulnerability yes no no POC published by researcher POC obtained, issue reproduced, analysis underway
CVE-2020-0686 Windows Installer Elevation of Privilege Vulnerability yes no no POC published by researcher POC obtained, issue reproduced, analysis underway
CVE-2020-0668 Windows Service Tracing Elevation of Privilege Vulnerability yes no no POC published by researcher Analysis underway, developing a POC
CVE-2020-0673 Scripting Engine Memory Corruption Vulnerability no yes no Likely related to CVE-2020-0674 Trying to obtain a POC; meanwhile, our workaround micropatches for CVE-2020-0674 should prevent this vulnerability from being exploited
CVE-2020-0655 Remote Desktop Services Remote Code Execution Vulnerability no yes no To exploit this vulnerability, an attacker must already have compromised a system running Remote Desktop Services, and then wait for a victim system to connect to Remote Desktop Services. Trying to obtain a POC
CVE-2020-0662 Windows Remote Code Execution Vulnerability no yes no To exploit the vulnerability, an attacker who has a domain user account could create a specially crafted request, causing Windows to execute arbitrary code with elevated permissions. Trying to obtain a POC
CVE-2020-0681 Remote Desktop Client Remote Code Execution Vulnerability no yes no User must connect to a malicious or compromised server with Remote Desktop Client, in the former case having to confirm a security warning about an invalid server certificate Trying to obtain a POC
CVE-2020-0708 Windows Imaging Library Remote Code Execution Vulnerability no yes no To exploit this vulnerability, an attacker would  have to coerce a victim to open a specially crafted file. Trying to obtain a POC
CVE-2020-0729 LNK Remote Code Execution Vulnerability no yes no User must be tricked into opening a folder under attacker's control (e.g., from a remote share or a USB key) Analysis underway, developing a POC
CVE-2020-0734 Remote Desktop Client Remote Code Execution Vulnerability no yes no User must connect to a malicious or compromised server with Remote Desktop Client, in the former case having to confirm a security warning about an invalid server certificate Trying to obtain a POC
CVE-2020-0738 Media Foundation Memory Corruption Vulnerability no yes no Exploit confirmed against a sample app; exploitation against actual applications questionable  Analysis underway, developing a POC
CVE-2020-0657 Windows Common Log File System Driver Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0665 Active Directory Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0666 Windows Search Indexer Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0667 Windows Search Indexer Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0678 Windows Error Reporting Manager Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0680 Windows Function Discovery Service Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0682 Windows Function Discovery Service Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0691 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0703 Windows Backup Service Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0715 Windows Graphics Component Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0719 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0720 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0721 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0722 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0723 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0724 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0725 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0726 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0730 Windows User Profile Service Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0731 Win32k Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0735 Windows Search Indexer Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0737 Windows Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0745 Windows Graphics Component Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0752 Windows Search Indexer Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0753 Windows Error Reporting Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
CVE-2020-0754 Windows Error Reporting Elevation of Privilege Vulnerability no no no   Currently assessed as low-risk
             

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.