{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Windows Server 2012","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 8.1 for 32-bit systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 for Itanium-Based Systems Service Pack 2","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2019 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2019","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2012 R2","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 7 for 32-bit Systems Service Pack 1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1909 for 32-bit Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1903 for ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2016 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 R2 for x64-based Systems Service Pack 1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1709 for x64-based 
Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1709 for ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 for 32-bit Systems Service Pack 2","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows RT 8.1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 8.1 for x64-based systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1809 for x64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1709 for 32-bit Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1803 for x64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2012 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1809 for ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1803 for ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1903 for 32-bit Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1607 for 32-bit 
Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1803 for 32-bit Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2008 for x64-based Systems Service Pack 2","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2016","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1607 for x64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1809 for 32-bit Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1909 for ARM64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1903 for x64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 for x64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 Version 1909 for x64-based Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows Server 2012 R2 (Server Core installation)","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 10 for 32-bit Systems","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}},{"description":"Windows 7 for x64-based Systems Service Pack 1","product":{"name":"Windows","vendor":{"name":"Microsoft","scada":false}}}],"affected_systems_content":null,"closed_at":"2020-06-23","content":"## Solution\n\nRefer to the vendor's security bulletin (see the 
Documentation\nsection).\n\n## Temporary workaround\n\n**\\[Update of 15 April 2020\\]**\n\nSecurity patches have been available since 14 April 2020; CERT-FR\ntherefore recommends applying them in preference to the workarounds\ndescribed below.\n\n**\\[Initial publication\\]**\n\nCERT-FR recommends applying the workarounds proposed by the vendor in\nits security bulletin, namely:\n\n-   Disabling the preview pane in Windows\n    Explorer\n-   Disabling the WebClient service\n-   Renaming or disabling the ATMFD.DLL library\n\nThe first two measures limit automatic loading of the library, but\nonly the last measure works around the vulnerability.\n","cves":[{"name":"CVE-2020-1020","url":"https://www.cve.org/CVERecord?id=CVE-2020-1020"},{"name":"CVE-2020-0938","url":"https://www.cve.org/CVERecord?id=CVE-2020-0938"}],"links":[{"title":"CERT-FR advisory CERTFR-2020-AVI-224 of 15 April 2020","url":"https://www.cert.ssi.gouv.fr/avis/CERTFR-2020-AVI-224/"}],"reference":"CERTFR-2020-ALE-009","revisions":[{"description":"Initial version","revision_date":"2020-03-24T00:00:00.000000"},{"description":"Patches available and CVE identifiers added","revision_date":"2020-04-15T00:00:00.000000"},{"description":"Correction: CVE-2020-1020 instead of CVE-2020-2010","revision_date":"2020-04-16T00:00:00.000000"},{"description":"Alert closed. The closure of an alert does not mean the end of a threat. 
Only applying the update protects you against exploitation of the corresponding vulnerability.","revision_date":"2020-06-23T00:00:00.000000"}],"risks":[{"description":"Remote arbitrary code execution"}],"summary":"<strong>\\[Update of 15 April 2020\\]</strong>\n\nOn 14 April 2020, Microsoft published security patches for the\nvulnerabilities CVE-2020-1020 and CVE-2020-0938 as part of its monthly\nupdate. CERT-FR recommends applying the patches as soon as\npossible.\n\nMicrosoft has also updated its\nadvisory [ADV200006](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200006) to\ngive the steps to follow to undo the effects of the\nworkarounds (see the paragraphs \"<strong>How to undo the workaround.</strong>\").\n\n<strong>\\[Initial publication\\]</strong>\n\nThe *Adobe Type Manager Library* used in *Microsoft\nWindows* handles fonts for the PostScript\nformat. It is loaded when a file is read. A file\nread can be requested explicitly by the user\n(opening an attachment) or performed implicitly by an\nautomatic rendering engine (thumbnail preview).\n\nOn 23 March 2020, the vendor issued a security bulletin stating that\nthis library did not correctly handle the processing\nof multi-master fonts. The two associated vulnerabilities\nare currently being exploited in a limited number\nof targeted attacks. 
The vendor plans to include the patch in its\nregular update cycle.\n\nThese vulnerabilities can be exploited by getting a user\nto open a malicious file or by displaying the document in\nthe preview pane of the file explorer.\n\nNote that the *Microsoft Outlook* preview pane\nis not affected by this vulnerability and that the impact is limited\nfor *Windows* 10 versions 1703 and later, in\nwhich font handling is performed in\ncontainers.\n","title":"Multiple vulnerabilities in Microsoft Windows","vendor_advisories":[{"published_at":null,"title":"Microsoft Windows security bulletin ADV200006 of 23 March 2020","url":"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV200006"}]}
