Microsoft today released Patch Tuesday June 2020, the monthly updates security of the company.
This month, Redmond engineers fixed 129 vulnerabilities, making this Patch Tuesday the largest in the company's history.
The good news is that despite this month's massive release, none of the vulnerabilities have been exploited by malicious users, ie there has been no 0day.
Of course system administrators who manage a lot of computers (large businesses and government organizations) are advised to test today's updates for bugs before installing them. Something that must be done immediately due to the volume and severity of the vulnerabilities.
Malicious developers software they are known to monitor Microsoft's monthly security updates, and pick the most useful bugs.
Here are some of the most serious bug fixes on Microsoft products this month:
CVE-2020-1181 - execute remote code in Microsoft SharePoint.
CVE-2020-1225, CVE-2020-1226 - execute remote code in Microsoft Excel.
CVE-2020-1223 - execute remote code in Word for Android.
CVE-2020-1248 - remote code execution in the Windows Graphics Device (GDI) interface.
CVE-2020-1281 - execute remote code in Windows OLE.
CVE-2020-1299 - execute remote code when editing Windows .LNK files.
CVE-2020-1300 - execute remote code in Windows OS print spooler.
CVE-2020-1301 – remote code execution on the Windows SMB protocol (Server & Hosting Message Block).
CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260 - remote code execution on the Windows VBScript scripting engine.
Η official portal Microsoft Update Update Guide lists all security updates in a filterable table.
Good luck to the system administrators, with the wish that everything goes well without surprises.