The second Tuesday of each month is the one most commonly referred to as Patch Tuesday. That’s when Microsoft releases security-related updates for Windows (desktop and server editions), Office, and related products. The fourth Tuesday of each month is reserved for updates that aren’t related to security.
Where this Tuesday Microsoft released patches for 129 security bugs which also includes 23 critical flaws, 105 that are important in severity and one moderate bug. Fortunately, none are publicly known or under active exploitation, Microsoft said.
Out of 129 bugs, 32 were classified as remote code execution issues, which are bugs that permit attackers to exploit vulnerable applications remotely, over a network.
Of these 32, 20 also received a severity classification of “critical,” the highest rating on Microsoft’s scale
The list of 20 critical RCEs includes bugs in:
- Windows (CVE-2020-1252)
- On-premise Microsoft Dynamics 365 systems (CVE-2020-16857, CVE-2020-16862)
- Windows Graphics Device Interface (GDI) (CVE-2020-1285)
- Microsoft SharePoint (CVE-2020-1200, CVE-2020-1210, CVE-2020-1452, CVE-2020-1453, CVE-2020-1576, CVE-2020-1595)
- Microsoft SharePoint Server (CVE-2020-1460)
- Windows Media Audio Decoder (CVE-2020-1593, CVE-2020-1508)
- Microsoft COM for Windows (CVE-2020-0922)
- Windows Text Service Module (CVE-2020-0908)
- Microsoft Windows Codecs Library (CVE-2020-1319, CVE-2020-1129)
- Windows Camera Codec Pack (CVE-2020-0997)
- Visual Studio (CVE-2020-16874)
Below are the additional information about the Tuesdays patch and security updates released by other major organizations
- Adobe’s security updates are detailed here – AEM and AEM Forms updates, Adobe Framemaker and the Adobe InDesign
- SAP security updates are available here – releasing 10 security notes and updates to six previously released ones (for SAP Solution Manager, SAP NetWeaver, SAPUI5, and SAP NetWeaver AS JAVA).
- Intel security updates are available here – accompanying fixes for the Intel Driver & Support Assistant, BIOS firmware for multiple Intel Platforms, and Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM).
- VMWare security updates are available here.
- Chrome 85 security updates are detailed here.