Η Microsoft κυκλοφόρησε σήμερα το Patch Tuesday Ιουνίου 2020, τις μηνιαίες ενημερώσεις ασφαλείας της εταιρείας.
This month, Redmond engineers fixed 129 vulnerabilities, making this Patch Tuesday the largest in the company's history.
The good news is that despite this month's massive release, none of the vulnerabilities have been exploited by malicious users, ie there has been no 0day.
Of course, system administrators who manage too many computers (large companies and government agencies) are advised to try the current bug updates before installing them. Something that must be done immediately due to the volume and severity of the vulnerabilities.
Malware developers are known to monitor Microsoft monthly security updates, and select the most useful bugs.
Here are some of the most serious bug fixes on Microsoft products this month:
CVE-2020-1181 - execute remote code in Microsoft SharePoint.
CVE-2020-1225, CVE-2020-1226 - execute remote code in Microsoft Excel.
CVE-2020-1223 - execute remote code in Word for Android.
CVE-2020-1248 – remote code execution in interface συσκευών γραφικών των Windows (GDI).
CVE-2020-1281 - execute remote code in Windows OLE.
CVE-2020-1299 - execute remote code when editing Windows .LNK files.
CVE-2020-1300 - execute remote code in Windows OS print spooler.
CVE-2020-1301 - remote code execution in the Windows SMB (Server Message Block) protocol.
CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260 - remote code execution on the Windows VBScript scripting engine.
Η official portal Microsoft Update Update Guide lists all security updates in a filterable table.
Good luck to the system administrators, with the wish that everything goes well without surprises.
