January 2020 Threat Intelligence (CRITICAL ALERT)
This month, Microsoft has patched 49 vulnerabilities, 8 of them ranked critical. The most vital patch is a fix for a flaw in Windows 10 so severe that it prompted the US National Security Agency (NSA) to release a public warning. All users are advised to install these security updates as soon as possible to protect themselves from these security risks. Full information on this month's patches can be found here: https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Jan.
The bug discovered by the NSA was a vulnerability in CryptoAPI (Crypt32.dll), the default Windows cryptographic library. The bug (CVE-2020-0601) is considered as bad as it gets. It can allow a threat actor to fake file signatures and launch man-in-the-middle attacks on encrypted HTTPS communications. Part of the advisory released by the NSA stated that the “exploitation of the vulnerability allows attackers to defeat trusted network connections and deliver executable code while appearing as legitimately trusted entities.”
The good news is that no vulnerabilities were publicly disclosed or found to be actively exploited in the wild.
The January 2020 Patch Tuesday also fixes three vulnerabilities in the Windows Remote Desktop Gateway (RD Gateway). Two vulnerabilities (CVE-2020-0609 and CVE-2020-0610) could allow an unauthenticated attacker to perform remote code execution on a vulnerable system. The third vulnerability (CVE-2020-0612) could allow an attacker to perform a denial of service (DoS) on an RDP system and cause it to stop responding. If you use RD Gateway in your organisation, we suggest you install these updates urgently.
Overall, the Microsoft January 2020 Patch Tuesday is smaller than many of Microsoft's 2019 Patch Tuesdays, but it is no less important, as the three bugs presented above cannot be ignored.
Security vulnerabilities are hackers' low-hanging fruit. Patching is essential to keeping your information safe. It is also good practice to back up your system or data before applying any updates.