Security News > 2020 > May > May 2020 Patch Tuesday: Microsoft fixes 111 flaws, Adobe 36

For the May 2020 Patch Tuesday, Microsoft has fixed 111 CVE-numbered flaws and Adobe 36, but none are under active attack.
The vulnerability is found in most Windows 10 and Windows Server builds and Microsoft deems it "More likely to be exploited."
"If exploited successfully, this vulnerability would give an attacker the ability to execute arbitrary code from the SharePoint application pool and the SharePoint server farm account, potentially impacting all the users connected into and using the platform. If an attacker is able to access this critical component of the network, lateral movement throughout the connected filesystems would be difficult to contain. With Microsoft Sharepoint's rise in use to support remote workers, addressing this vulnerability quickly is critical to securing a central hub of access to the full corporate network and data," he pointed out.
The Microsoft SharePoint security updates also fix three additional RCEs, four XSS flaws, three spoofing vulnerabilities and one information disclosure weakness.
While we're on the subject of vulnerability patching, the US Cybersecurity and Infrastructure Security Agency is urging organizations to patch a slew of old and new software vulnerabilities that are routinely exploited by foreign cyber actors and cyber criminals.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/ePzI89aNh98/
Related news
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- February 2025 Patch Tuesday forecast: New directions for AI development (source)
- March 2025 Patch Tuesday forecast: A return to normalcy (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)