Microsoft today released 58 security fixes across its 10+ products and services as part of its monthly patch roll Tuesday.
The 22 fixes out of 58 released by the company in total are classified as vulnerabilities remote code execution (RCE).
These are security vulnerabilities that need to be addressed immediately, as they are easier to use, as they do not require any interaction from users, via the Internet or a local network.
This month, we have RCE on several Microsoft products including: Windows NTFS, Exchange Server & Hosting, Microsoft Dynamics, Excel, PowerPoint, SharePoint, Visual Studio and Hyper-V.
The highest rated of these bugs, and for those most likely to release exploits, are the errors RCEs affecting Exchange Server (CVE-2020-17143, CVE-2020-17144, CVE-2020-17141, CVE-2020-17117, CVE-2020-17132, , CVE-2020-17142) and SharePoint (CVE-2020-17118, CVE-2020-17121).
Of course it is advisable to update immediately, as due to their nature, Exchange and SharePoint systems are regularly connected to the Internet.
Another major security flaw that was fixed this month is a bug in Hyper-V, Microsoft's virtualization technology used to host virtual machines.
With a malicious SMB package, this error could allow remote intruders to breach sandboxed, which Hyper-V supposedly does not.
More details at Microsoft Security Update Guide portal