Security News > 2020 > March > Microsoft Issues March 2020 Updates to Patch 115 Security Flaws
Microsoft today released security updates to fix a total of 115 new security vulnerabilities in various versions of its Windows operating system and related software-making March 2020 edition the biggest ever Patch Tuesday in the company's history.
Of the 115 bugs spanning its various products - Microsoft Windows, Edge browser, Internet Explorer, Exchange Server, Office, Azure, Windows Defender, and Visual Studio - that received new patches, 26 have been rated as critical, 88 received a severity of important, and one is moderate in severity.
It's worth highlighting that the patch addresses critical flaws that could be potentially exploited by bad actors to execute malicious code by specially crafted LNK files and word documents.
Microsoft has warned that Microsoft Outlook Preview Pane is also an attack vector for this vulnerability.
For installing the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/BAvF_P8CRHU/microsoft-patch-tuesday-march-2020.html
Related news
- Microsoft disables BitLocker security fix, advises manual mitigation (source)
- Microsoft security tools questioned for treating employees as threats (source)
- Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability (source)
- Microsoft hosts a security summit but no press, public allowed (source)
- Week in review: Vulnerability allows Yubico security keys cloning, Patch Tuesday forecast (source)
- Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security (source)
- Microsoft September 2024 Patch Tuesday fixes 4 zero-days, 79 flaws (source)
- Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)