Microsoft was released today the monthly security updates as part of the established Patch Tuesday. This month, the company patched 112 security holes in several products, από τον Microsoft Edge μέχρι το Windows WalletService.
This month's updates also include a fix for one 0day of Windows released on the Internet.
This 0day (CVE-2020-17087) was revealed on October 30 by the security teams of Google Project Zero and TAG. Google said there is already an exploit for the vulnerability that is used in conjunction with a Chrome 0day zero-day για να στοχεύσει χρήστες των Windows 7 and Windows 10.
According to Microsoft Security Communication for CVE-2020-17087, 0day is in the Windows kernel and affects all supported versions of the Windows operating system. That is, all versions after Windows 7 as well as all its versions windows server.
But in addition to Windows zero-day, the company also patched 111 others vulnerabilities. Among them are 24 security holes that allow remote code execution (RCE) attacks on applications such as Excel, Microsoft Sharepoint, Microsoft Exchange Server, Windows Network File System, Windows GDI+ component, Windows printing spooler service and also Microsoft Teams.
Of course as always it is recommended to update your system immediately.