Microsoft today released the Patch Tuesday June 2020, the company's monthly security updates.
This month, Redmond engineers fixed 129 vulnerabilities, making this Patch Tuesday the largest in the company's history.
The good news is that despite this month's massive release, none of the vulnerabilities have been exploited by malicious users, ie there has been no 0day.
Of course, system administrators who manage too many computers (large companies and government agencies) are advised to try the current bug updates before installing them. Something that must be done immediately due to the volume and severity of the vulnerabilities.
Malicious developers software they are known to monitor Microsoft's monthly security updates, and pick the most useful bugs.
Here are some of the more serious bugs fixed in productfrom Microsoft this month:
CVE-2020-1181 - execute remote code in Microsoft SharePoint.
CVE-2020-1225, CVE-2020-1226 - execute remote code in Microsoft Excel.
CVE-2020-1223 - execute remote code in Word for Android.
CVE-2020-1248 - remote code execution in the Windows Graphics Device (GDI) interface.
CVE-2020-1281 - execute remote code in Windows OLE.
CVE-2020-1299 – remote code execution during processing Windows .LNK files.
CVE-2020-1300 - execute remote code in Windows OS print spooler.
CVE-2020-1301 – remote code execution on the Windows SMB protocol (Server & Hosting Message Block).
CVE-2020-1213, CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260 - remote code execution on the Windows VBScript scripting engine.
Η official portal Microsoft Update Update Guide lists all security updates in a filterable table.
Good luck to the system administrators, with the wish that everything goes well without surprises.