Security News > 2020 > November > Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Microsoft's November Patch Tuesday roundup of security fixes tackled an unusually large crop of remote code execution bugs.
Twelve of Microsoft's 17 critical patches were tied to RCE bugs.
"One of the most critical vulnerabilities patched this Tuesday is CVE-2020-17051, a remote code execution vulnerability found in Windows' Network File System," wrote Chris Hass, director of information security and research at Automox, in his Patch Tuesday analysis.
It describes a heavier reliance on the industry standard Common Vulnerability Scoring System to provide more generalized vulnerability information for Patch Tuesday security bulletins.
"Microsoft's decision to remove CVE description information from its Patch Tuesday release is a bad move, plain and simple. By relying on CVSSv3 ratings alone, Microsoft is eliminating a ton of valuable vulnerability data that can help inform organizations of the business risk a particular flaw poses to them," he wrote.
News URL
https://threatpost.com/microsoft-patch-tuesday-critical-bugs/161098/
Related news
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- April 2025 Patch Tuesday forecast: More AI security introduced by Microsoft (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- March 2025 Patch Tuesday forecast: A return to normalcy (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-11 | CVE-2020-17051 | Unspecified vulnerability in Microsoft products Windows Network File System Remote Code Execution Vulnerability | 0.0 |