Microsoft was released today the monthly security updates under the standard Patch Tuesday. This month, the company fixed 112 security vulnerabilities in many products, from Microsoft Edge to Windows WalletService.
This month's updates also include a fix for a Windows 0day online.
This 0day (CVE-2020-17087) was revealed on October 30 by the security teams of Google Project Zero and TAG. Η Google ανέφερε ότι για την ευπάθεια κυκλοφορεί ήδη exploit που χρησιμοποιείται μαζί με ένα 0day του Chrome zero-day για να στοχεύσει users of Windows 7 and Windows 10.
According to Microsoft Security Communication for CVE-2020-17087, 0day is located in the Windows kernel and affects all supported versions of the Windows operating system. That is, all versions after Windows 7 as well as all versions of Windows Server.
But except since Windows zero-day, the company has also patched 111 other vulnerabilities. Among them are 24 vulnerabilities that allow remote attacks implementationof code (RCE) in applications such as Excel, Microsoft Sharepoint, Microsoft Exchange Server, the Windows Network File System, the Windows GDI+ component, the Windows printing spooler service and also Microsoft Teams.
Of course as always it is recommended to update your system immediately.