Hello, welcome to the Wednesday, September 9th, 2020 edition of the Sandcent Storm Center's Stormcast. My name is Johannes Ulrich, and then I'm recording from Jacksonville, Florida.

Today, of course, Microsoft patched Tuesday, who thought that after a long weekend, we get a little bit of lighter patch Tuesday.

Nope, certainly not the case.

Now, 129 vulnerabilities with 23 critical.

I think that's about sort of average, maybe a little bit at the low end even.

But what's really interesting here are three vulnerabilities that are remote code execution

vulnerabilities in services.

The first one is a remote code execution vulnerability in Microsoft's SharePoint, CVE 2020,

1210, with a CVSS score of 9.9. That's also the highest CSS score this month.

The problem here is that if an attacker is able to upload a crafted SharePoint application package,

well, the attacker will be able to use this to execute arbitrary code in the context of

the SharePoint server.

So here the real hurdle is kind of to be able to upload this application package, but I'm

sure attackers will find creative ways to make this happen.

Second one, Microsoft Exchange, CVE 2020, 16875.

The CVSS score 9.1, so still in the 9 and with that critical range.

In order to exploit this vulnerability, all the ad hacker has to do is send a crafted email to a vulnerable exchange server, well, and that's what exchange servers are good for.

So I would think this is definitely something that's possible to exploit.

Code being executed would run as the system user,

which I think is what the Exchange Server runs as.

So that's probably why it is the system user,

but please correct me if I'm wrong here.

...