SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Microsoft disclosed 16 critical vulnerabilities as part of Patch Tuesday
Description: Microsoft released its monthly security update Tuesday, disclosing 120 vulnerabilities across its array of products. Sixteen of the vulnerabilities are considered "critical," including one that Microsoft says is currently being exploited in the wild. Users of all Microsoft and Windows products are urged to update their software as soon as possible to avoid possible exploitation of all these bugs. Microsoft Media Foundation contains the largest number of these critical vulnerabilities. The bugs (CVE-2020-1379, CVE-2020-1477, CVE-2020-1492, CVE-2020-1525 and CVE-2020-1554) could all allow an adversary to corrupt memory in a way that would allow them to execute code remotely on the victim machine. Any of these vulnerabilities could be triggered if the target opens a specially crafted document or web page.
References: https://blog.talosintelligence.com/2020/08/microsoft-patch-tuesday-aug-2020.html
Snort SIDs: 54733 - 54746, 54753, 54754
Title: Cisco reports high-severity vulnerabilities in AnyConnect VPN, small business switches and routers
Description: Cisco warned users last week to update multiple lines of switches and routers, as well as the company's VPN service. Some of the affected products could be force-rebooted and knocked offline. The AnyConnect VPN client for Windows also has a bug that could allow an adversary to perform a dynamic link library (DLL) hijacking attack. If a malicious user were to obtain credentials for the targeted Windows system, they could then execute malicious code with system-level privileges.
Snort SIDs: 54698 - 59702