Patch Tuesday December fixes 58 security vulnerabilities

Microsoft released 58 fixes today in 10+ and its services as part of the monthly Patch Tuesday update bundle.

The 22 fixes out of a total of 58 released by the company are classified as Remote Code Execution (RCE) vulnerabilities.

These are security vulnerabilities that need to be addressed immediately, as they are easier to use, as they do not require any interaction from users, via the Internet or a local network.

This month, we have RCE in many της Microsoft όπως: Windows NTFS, Exchange Server, Microsoft Dynamics, Excel, PowerPoint, SharePoint, Studio and Hyper-V.

The highest score of these errors, and for those who are most likely to release exploits, are the RCE errors that affect Exchange Server (CVE-2020-17143CVE-2020-17144CVE-2020-17141CVE-2020-17117CVE-2020-17132, , CVE-2020-17142) and SharePoint (CVE-2020-17118, CVE-2020-17121).

Of course it is advisable to update immediately, as due to their nature, Exchange and SharePoint systems are regularly connected to the Internet.

Another major security flaw that was fixed this month is a bug in Hyper-V, Microsoft's virtualization technology used to host virtual machines.

With a malicious SMB, this bug could allow remote attackers to compromise virtualized (sandboxed) environments, which Hyper-V is not supposed to allow.

More details at Microsoft Security Update Guide portal

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).