Security News > 2020 > September > Microsoft’s Patch Tuesday Packed with Critical RCE Bugs
Microsoft has released patches for 129 security bugs in its September Patch Tuesday update.
Another critical RCE vulnerability that should be prioritized for patching is CVE-2020-1210, which exists in SharePoint due to a failure to check an application package's source markup.
September's slew of patches also features several other RCE bugs, including one in the Microsoft Windows Codecs Library, which is used by multiple applications and can therefore affect a wide range of programs.
September's Patch Tuesday release continues a trend of high-volume security updates.
Adobe fixed five critical cross-site scripting flaws in Experience Manager as part of its regularly scheduled patches on Tuesday.
News URL
https://threatpost.com/microsofts-patch-tuesday-critical-rce-bugs/159044/
Related news
- Microsoft July 2024 Patch Tuesday fixes 142 flaws, 4 zero-days (source)
- Critical Windows licensing bugs, plus two others under attack, top Patch Tuesday (source)
- Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (source)
- July 2024 Patch Tuesday forecast: The end of an AV giant in the US (source)
- Week in review: RADIUS protocol critical vuln, Microsoft 0-day exploited for a year, AT&T breach (source)
- CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks (source)
- Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP (source)
- Windows Patch Tuesday update might send a user to the BitLocker recovery screen (source)
- Progress warns of critical RCE bug in Telerik Report Server (source)
- Critical ServiceNow RCE flaws actively exploited to steal credentials (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-11 | CVE-2020-1210 | Download of Code Without Integrity Check vulnerability in Microsoft products <p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. | 9.9 |