Security News > 2020 > June > Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities
Microsoft today released its June 2020 batch of software security updates that patches a total of 129 newly discovered vulnerabilities affecting various versions of Windows operating systems and related products.
The 129 bugs in the June 2020 bucket for sysadmins and billions of users include 11 critical vulnerabilities-all leading to remote code execution attacks-and 118 classified as important in severity, mostly leading to privilege escalation and spoofing attacks.
Microsoft has listed these flaws as "Exploitation more likely," explaining that it has seen attackers consistently exploiting similar flaws in the past, and can be carried out remotely via browser, application or Microsoft Office document that hosts the IE rendering engine.
According to Microsoft, GDI+ RCE vulnerability can be exploited in combination with a separate critical security feature bypass vulnerability affecting Microsoft Outlook software that could let attackers automatically load malicious images hosted on a remote server.
For installing the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/-ZrKOECVLrg/windows-update-june.html
Related news
- 3 Actively Exploited Zero-Day Flaws Patched in Microsoft's Latest Security Update (source)
- ‘Sneaky Log’ Microsoft Spoofing Scheme Sidesteps Two-Factor Security (source)
- Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs (source)
- Microsoft: January Windows security updates break audio playback (source)
- Microsoft shares workaround for Windows security update issues (source)
- Zimbra Releases Security Updates for SQL Injection, Stored XSS, and SSRF Vulnerabilities (source)