As with all the Patch Tuesday updates from the past, these bring new features, bug fixes, performance enhancements but, most importantly, they come with security improvements as well. The past few months have shown a rise in malware and vulnerabilities, and the best testimonies are the 99 CVEs solved in February, the 115 CVEs discovered in March, and the 118 CVEs found in April. In keeping with the tradition, these latest updates also bring fixes, this time to 147 CVEs
147 CVEs are now fixed with the May patch Tuesday updates
Of the 147 CVEs identified and fix by Microsoft, 36 were related to Adobe products which include Adobe Acrobat Reader and Adobe DNG. It is also worth mentioning that 24 of the 36 CVEs were rated as Critical, and most of them consist of Our-of-Bounds (OOB) Reads and Writes. As far as Microsoft-related CVEs go, 111 were identified, and they cover services like Microsoft Windows, Microsoft Edge (EdgeHTML-based), ChakraCore, Internet Explorer, Microsoft Office, and Microsoft Office Services . Some extra CVEs were also found with Web Apps, Visual Studio, Microsoft Dynamics, .NET Framework, .NET Core, and Power BI. The 111 CVEs identified were rated as follows:
16 are rated Critical 95 are rated Important
Which were some of the most severe CVEs?
CVE-2020-1071 Windows Remote Access Common Dialog Elevation of Privilege Vulnerability CVE-2020-1135 Windows Graphics Component Elevation of Privilege Vulnerability CVE-2020-1067 Windows Remote Code Execution Vulnerability CVE-2020-1118 Microsoft Windows Transport Layer Security Denial of Service Vulnerability
These are the most important CVEs covered by Microsoft during the May 2020 round of Patch Tuesday Updates. For the next set of updates, users will have to wait until June 9. CVEs provide a reference-method for information-security, vulnerabilities, and exposures without any costs related to them.
Name *
Email *
Commenting as . Not you?
Save information for future comments
Comment
Δ
