Hello, welcome to the Wednesday, March 9th, 2020 edition of the Santernet Stormsterners Stormcast. My name is Johannes Ulrich. And today I am recording from London, England.

Well, as I'm recording this, it's patched Tuesday, and with that we got from Microsoft patches for 92 different vulnerabilities.

Out of these 92, 3 R-rated critical,

three have already been disclosed previously,

but none of them has already been exploited.

Probably the most interesting vulnerability here,

I think is actually the RDP client vulnerability.

It's a remote code execution vulnerability.

An attacker would have to trick the victim to connect to a malicious RDP server.

That's usually accomplished via a URL and has been done in the past.

Microsoft does rate this vulnerability as more likely to be exploited,

and details have already been released.

Another critical vulnerability that we have here is CVE 2020-23277.

This is a remote code execution vulnerability in Microsoft Exchange server.

It does require credentials, but any credentials will do and the code will be executed

with elevated approaches, so certainly something to take serious. Two more critical

vulnerabilities here are the remote code execution

vulnerability in the HEVC and the VP9 video extensions. So in order to exploit this, well, all we have

to do is get the user to click on a link in order to view a video. And this may then lead to the code execution using that particular

user's privileges. The number of 92 vulnerabilities also does include chromium patches so they may

have been released a few days earlier,

but they're always sort of included in the list of patches for the particular patch Tuesday.

...