Η Microsoft was released late last night Tuesda Patch updatesy. This month, the company fixed 129 vulnerabilities in 15 products, from Windows to ASP.NET.
This month, of the 129 vulnerabilities, 32 were classified as remote code execution issues, which are bugs that allow attackers to exploit applications remotely, via network.
Of those 32, 20 are rated "critical" seriousness, the highest rating on the Microsoft scale, making these 20 vulnerabilities some of the most significant bugs fixed in Microsoft products this month. The list of 20 critical RCE products includes errors:
- Windows (CVE-2020-1252)
- On-premise Microsoft Dynamics 365 systems (CVE-2020-16857, CVE-2020-16862)
- Windows Graphics Device Interface (GDI) (CVE-2020-1285)
- Microsoft SharePoint (CVE-2020-1200, CVE-2020-1210, CVE-2020-1452, CVE-2020-1453, CVE-2020-1576, CVE-2020-1595)
- Microsoft SharePoint Server (CVE-2020-1460)
- Windows Media Audio Decoder (CVE-2020-1593, CVE-2020-1508)
- Microsoft COM for Windows (CVE-2020-0922)
- Windows Text Service Module (CVE-2020-0908)
- Microsoft Windows Codecs Library (CVE-2020-1319, CVE-2020-1129)
- Windows Camera Codec Pack (CVE-2020-0997)
- Visual Studio (CVE-2020-16874)
All of the vulnerabilities listed above are serious issues security, and especially those affecting Windows, SharePoint and Dynamics 365 (as these systems are often installed in large enterprise networks).
Here is additional information about today's Patch Tuesday and security updates released by other major companies:
- Microsoft official Security Update Guide portal.
- Adobe security updates
- SAP security updates
- Intel security updates
- VMWare security updates
- Chrome 85 security updates
- Android Security Bulletin September 2020
