Monday, November 25, 2024
Follow us On Linkedin
HomeCVE/vulnerabilityMicrosoft October 2020 Patch Tuesday Fixes 87 Security Bugs Including 21 RCE

Microsoft October 2020 Patch Tuesday Fixes 87 Security Bugs Including 21 RCE

CVE/vulnerabilitycyber security

Published on

By Gurubaran
Microsoft October 2020 Patch Tuesday Fixes 87 Security Bugs Including 21 RCE

Microsoft has released an emergency security updates for critical vulnerabilities that allow attackers to execute arbitrary code on the vulnerable machine.

The updates patched 87 vulnerabilities that include 12 are classified as Critical, and 74 are classified as Important, and one as moderate.

The October security release includes security updates for the following software:

- Advertisement - SIEM as a Service
  • Microsoft Windows
  • Microsoft Office and Microsoft Office Services and Web Apps
  • Microsoft JET Database Engine
  • Azure Functions
  • Open Source Software
  • Microsoft Exchange Server
  • Visual Studio
  • PowerShellGet
  • Microsoft .NET Framework
  • Microsoft Dynamics
  • Adobe Flash Player
  • Microsoft Windows Codecs Library

The update also fixes the RCE flaws with several Microsoft products including Excel, Outlook, the Windows Graphics component, and the Windows TCP/IP stack.

Out of the one’s patches, the severe one is an RCE issue tracked as CVE-2020-16898, it resides in Windows TCP/IP stack, the vulnerability can be exploited by an attacker to take over the Windows systems by sending malicious packets.

Another important flaw tracked as CVE-2020-16947, resides in the MS Outlook that can be exploited by attackers by making victims opening a specially crafted file.

Following are some notable vulnerabilities

Microsoft strongly recommended installing these security updates for all the windows users to avoid the security risk and protect your Windows.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Also Read

Microsoft Released a Largest-Ever Security Patch with the Fixes For 129 Vulnerabilities – Update Now

Microsoft Defender ATP Antivirus is now Available For Android Users in Public Preview

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Cyber Security News

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting...
Cyber Security News

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ...
Cyber Security News

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to...
Cyber Security News

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities,...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

Register Now

More like this

CVE/vulnerability

7-Zip RCE Vulnerability Let Attackers Execute Remote Code

A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip,...
CVE/vulnerability

Helldown Ransomware Attacking VMware ESXi And Linux Servers

Helldown, a new ransomware group, actively exploits vulnerabilities to breach networks, as since August...
cyber security

Wireshark 4.4.2 Released: What’s New!

The Wireshark Foundation has officially announced the release of Wireshark 4.4.2, the latest version...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved