Security News > 2020 > May > Microsoft Patch Tuesday, May 2020 Edition

Microsoft today issued software updates to plug at least 111 security holes in Windows and Windows-based programs.

May marks the third month in a row that Microsoft has pushed out fixes for more than 110 security flaws in its operating system and related software.

Todd Schell, senior product manager at security vendor Ivanti, notes that if one looks at the "Exploitability assessment" tied to each patch - i.e., how likely Microsoft considers each can and will be exploited for nefarious purposes - it makes sense to pay just as much attention to the vulnerabilities Microsoft has labeled with the lesser severity rating of "Important."

Satnam Narang from Tenable notes that two remote code execution flaws in Microsoft Color Management and Windows Media Foundation could be exploited by tricking a user into opening a malicious email attachment or visiting a website that contains code designed to exploit the vulnerabilities.

Just a friendly reminder that while many of the vulnerabilities fixed in today's Microsoft patch batch affect Windows 7 operating systems - including all three of the zero-day flaws - this OS is no longer being supported with security updates.

News URL

https://krebsonsecurity.com/2020/05/microsoft-patch-tuesday-may-2020-edition/