Fecha recomendada: 14 de octubre de 2020

  Descripción

Microsoft addresses several vulnerabilities in its October security bulletin. Trend Micro Deep Security covers the following:

  • CVE-2020-16915 - Media Foundation Memory Corruption Vulnerability
    Risk Rating: Critical

    This memory corruption vulnerability exists in the mishandling of objects in memory by the Windows Media Foundation. Attackers looking to take advantage of this vulnerability must convince a user to a webpage that hosts an exploit to this vulnerability.


  • CVE-2020-16922 - Windows Spoofing Vulnerability
    Risk Rating: Important

    This spoofing vulnerability exists in the validation of file signatures. When the vulnerability is successfully exploited, it will allow loading of potentially malicious files.


  • CVE-2020-16896 - Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
    Risk Rating: Important

    This information disclousre vulnerability exists in the RDP when it checks specially crafted requests. When the vulnerability is successfully exploited, an attacker could gain information to further attacks to the vulnerable machine.


  Revelación de la información

Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend Micro customers using the Vulnerability Protection are also protected from attacks using these vulnerabilities.

Vulnerability ID DPI Rule Number DPI Rule Name Release Date Vulnerability Protection Compatibility
CVE-2020-16915 1010552 Microsoft Windows Media Foundation Memory Corruption Vulnerability over SMB (CVE-2020-16915) 13-Oct-20 YES
CVE-2020-16922 1010554 Microsoft Windows Spoofing Vulnerability (CVE-2020-16922) 13-Oct-20 YES
CVE-2020-16915 1010552 Microsoft Windows Media Foundation Memory Corruption Vulnerability over HTTP (CVE-2020-16915) 13-Oct-20 YES
CVE-2020-16896 1010556 Microsoft Windows Remote Desktop Protocol Information Disclosure Vulnerability (CVE-2020-16896) 13-Oct-20 YES