Microsoft was released today the monthly security updates as part of the established Patch Tuesday. Αυτό το μήνα, η εταιρεία επιδιόρθωσε 112 κενά ασφαλείας σε πολλά προϊόντα, από τον Microsoft Edge μέχρι το Windows WalletService.
This month's updates also include a fix for a Windows 0day released on thenetwork.
This 0day (CVE-2020-17087) was revealed on October 30 by the security teams of Google Project Zero and TAG. Google said the vulnerability was already being exploited and used alongside a 0day Chrome zero-day to target Windows 7 and Windows 10 users.
According to Microsoft Security Communication for CVE-2020-17087, 0day is located in the Windows kernel and affects all supported versions of the Windows operating system. That is, all versions after Windows 7 as well as all versions of Windows Server & Hosting.
But in addition to Windows zero-day, the company also patched 111 others vulnerabilities. Ανάμεσα σε αυτές υπάρχουν 24 κενά ασφαλείας που επιτρέπουν επιθέσεις απομακρυσμένης εκτέλεσης κώδικα (RCE) σε applications such as Excel, Microsoft Sharepoint, Microsoft Exchange Server, Windows Network File System, Windows GDI+ component, Windows printing spooler service and also Microsoft Teams.
Of course as always it is recommended to update your system immediately.