Security News > 2020 > June > Microsoft Releases June 2020 Security Patches For 129 Vulnerabilities
Microsoft today released its June 2020 batch of software security updates that patches a total of 129 newly discovered vulnerabilities affecting various versions of Windows operating systems and related products.
The 129 bugs in the June 2020 bucket for sysadmins and billions of users include 11 critical vulnerabilities-all leading to remote code execution attacks-and 118 classified as important in severity, mostly leading to privilege escalation and spoofing attacks.
Microsoft has listed these flaws as "Exploitation more likely," explaining that it has seen attackers consistently exploiting similar flaws in the past, and can be carried out remotely via browser, application or Microsoft Office document that hosts the IE rendering engine.
According to Microsoft, GDI+ RCE vulnerability can be exploited in combination with a separate critical security feature bypass vulnerability affecting Microsoft Outlook software that could let attackers automatically load malicious images hosted on a remote server.
For installing the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/-ZrKOECVLrg/windows-update-june.html
Related news
- Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild (source)
- Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries (source)
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short (source)
- Microsoft warns it lost some customer's security logs for a month (source)
- Microsoft lost some customers’ cloud security logs (source)
- Microsoft Entra "security defaults" to make MFA setup mandatory (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)
- ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps (source)