Security News > 2020 > November > Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Microsoft's November Patch Tuesday roundup of security fixes tackled an unusually large crop of remote code execution bugs.
Twelve of Microsoft's 17 critical patches were tied to RCE bugs.
"One of the most critical vulnerabilities patched this Tuesday is CVE-2020-17051, a remote code execution vulnerability found in Windows' Network File System," wrote Chris Hass, director of information security and research at Automox, in his Patch Tuesday analysis.
It describes a heavier reliance on the industry standard Common Vulnerability Scoring System to provide more generalized vulnerability information for Patch Tuesday security bulletins.
"Microsoft's decision to remove CVE description information from its Patch Tuesday release is a bad move, plain and simple. By relying on CVSSv3 ratings alone, Microsoft is eliminating a ton of valuable vulnerability data that can help inform organizations of the business risk a particular flaw poses to them," he wrote.
News URL
https://threatpost.com/microsoft-patch-tuesday-critical-bugs/161098/
Related news
- Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (source)
- Microsoft holds last Patch Tuesday of the year with 72 gifts for admins (source)
- Patch Tuesday: Microsoft Patches One Actively Exploited Vulnerability, Among Others (source)
- What Is Patch Tuesday? Microsoft’s Monthly Update Explained (source)
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- Microsoft says premature patch could make Windows Recall forget how to work (source)
- Microsoft: Another Chinese cyberspy crew targeting US critical orgs 'as of yesterday' (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-11 | CVE-2020-17051 | Unspecified vulnerability in Microsoft products Windows Network File System Remote Code Execution Vulnerability | 0.0 |