Out-of-band updates released for Windows 8.1 and Windows Server 2012 R2

Out-of-band updates released for Windows 8.1 and Windows Server 2012 R2

Hello everyone,

 

Microsoft on August 19, released an emergency out-of-band update for two privilege escalation vulnerabilities disclosed in Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 systems.

 

The vulnerabilities are tracked as CVE-2020-1530 and CVE-2020-1537. Both of these vulnerabilities exist in Windows Remote Access Service (RAS) and when exploited, grant elevated privileges to remote attackers.

 

A patch for both vulnerabilities for Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004 systems was released last Patch Tuesday.

 

A week later, Windows 8.1 and Windows Server 2012 R2 were also found vulnerable to these security vulnerabilities. Since a CVSS score of 7.8 is given to these vulnerabilities, it is highly recommended to patch them as soon as possible to protect servers against potential attacks.

 

To patch these vulnerabilities using Patch Manager Plus, initiate a sync between the Central Patch Repository and the Patch Manager Plus server. Search for the following Patch IDs or Bulletin ID and install them in your Windows 8.1 and Windows Server 2012 R2 machines.

 

 

Patch ID

Bulletin ID

Patch Description

29699

MS20-AUG16

Security Update for Windows Server 2012 R2 for x64-based Systems (KB4578013)

29698

MS20-AUG16

Security Update for Windows 8.1 for x64-based Systems (KB4578013)

29700

MS20-AUG16

Security Update for Windows 8.1 for x86-based Systems (KB4578013)

 

Cheers,

The ManageEngine Team

                New to ADSelfService Plus?