Microsoft today released 58 security patches on its 10+ products and services as part of its monthly Patch Tuesday update package.
Οι 22 επιδιορθώσεις από τις 58 που κυκλοφόρησε η εταιρεία συνολικά, ταξινομούνται σαν ευπάθειες απομακρυσμένης εκτέλεσης code (RCE).
It's about security gaps which should be dealt with immediately, as they are easier to use since no interaction is needed from them users, over the Internet or from a local network.
This month, we have RCE on several Microsoft products such as: Windows NTFS, Exchange Server & Hosting, Microsoft Dynamics, Excel, PowerPoint, SharePoint, Visual Studio and Hyper-V.
The highest score of these errors, and for those who are most likely to release exploits, are the RCE errors that affect Exchange Server (CVE-2020-17143, CVE-2020-17144, CVE-2020-17141, CVE-2020-17117, CVE-2020-17132, , CVE-2020-17142) and SharePoint (CVE-2020-17118, CVE-2020-17121).
Of course it is advisable to update immediately, as due to their nature, Exchange and SharePoint systems are regularly connected to the Internet.
Another major security hole patched this month is a bug in Hyper-V, Microsoft's virtualization technology, which usesfor hosting virtual machines.
With a malicious SMB package, this error could allow remote intruders to breach sandboxed, which Hyper-V supposedly does not.
More details at Microsoft Security Update Guide portal