United States Computer Emergency Readiness Team (US-CERT)は1月14日(米国時間)、「Microsoft Releases January 2020 Security Updates|CISA」において、Microsoftの複数のソフトウェアに脆弱性が存在すると伝えた。
January 2020 Security Updates|Release Notes|Microsoft
Security update deployment information: January 14, 2020|Microsoft
January 2020 Security Updates|Release Notes|Microsoft
修正対象となった脆弱性のいくつかは深刻な問題を引き起こすとし、Cybersecurity and Infrastructure Security Agency (CISA)は「CISA Releases Emergency Directive and Activity Alert on Critical Microsoft Vulnerabilities|CISA」において、脆弱性に関する情報がまとまったページを紹介するとともに、チェックするように呼びかけている。
Critical Vulnerabilities in Microsoft Windows Operating Systems|CISA
WINDOWS VULNERABILITIES THAT REQUIRE IMMEDIATE ATTENTION|CISA
VU#335217 - Multiple caching service providers are vulnerable to HTTP cache poisoning
VU#491944 - Microsoft Windows Remote Desktop Gateway allows for unauthenticated remote code execution
VU#849224 - Microsoft Windows CryptoAPI fails to properly validate ECC certificate chains
cyber.dhs.gov - Emergency Directive 20-02
National Security Agency - Patch Critical Cryptographic Vulnerability in Microsoft Windows Clients and Servers
