Security News > 2020 > November > Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Microsoft's November Patch Tuesday roundup of security fixes tackled an unusually large crop of remote code execution bugs.
Twelve of Microsoft's 17 critical patches were tied to RCE bugs.
"One of the most critical vulnerabilities patched this Tuesday is CVE-2020-17051, a remote code execution vulnerability found in Windows' Network File System," wrote Chris Hass, director of information security and research at Automox, in his Patch Tuesday analysis.
It describes a heavier reliance on the industry standard Common Vulnerability Scoring System to provide more generalized vulnerability information for Patch Tuesday security bulletins.
"Microsoft's decision to remove CVE description information from its Patch Tuesday release is a bad move, plain and simple. By relying on CVSSv3 ratings alone, Microsoft is eliminating a ton of valuable vulnerability data that can help inform organizations of the business risk a particular flaw poses to them," he wrote.
News URL
https://threatpost.com/microsoft-patch-tuesday-critical-bugs/161098/
Related news
- Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws (source)
- Microsoft February 2025 Patch Tuesday fixes 4 zero-days, 55 flaws (source)
- February's Patch Tuesday sees Microsoft offer just 63 fixes (source)
- Microsoft’s Patch Tuesday Fixes 63 Flaws, Including Two Under Active Exploitation (source)
- Patch Tuesday: Microsoft Patches Two Actively Exploited Zero-Day Flaws (source)
- January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance (source)
- Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast (source)
- Patch Tuesday: January 2025 Security Update Patches Exploited Elevation of Privilege Attacks (source)
- Windows Patch Tuesday hits snag with Citrix software, workarounds published (source)
- SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-11 | CVE-2020-17051 | Unspecified vulnerability in Microsoft products Windows Network File System Remote Code Execution Vulnerability | 0.0 |