Security News > 2020 > November > November 2020 Patch Tuesday: Microsoft fixes actively exploited Windows Kernel flaw
Microsoft has plugged 112 security holes, including an actively exploited one.
The most information is available about CVE-2020-17087, a Windows Kernel privilege escalation vulnerability, because it's being actively exploited in the wild and because Google disclosed it on October 29, along with PoC exploit code.
The Adobe Connect updates, which fix two vulnerabilities that may allow arbitrary JavaScript execution in the browser, will be staggered: for hosted services, the update is already available, for on-premise deployments it will be available from November 13.
Intel took advantage of the November 2020 Patch Tuesday to released a mammoth batch of advisories, covering vulnerabilities in drivers, server boards, various software, firmware, drones, BIOS, and so on.
For November 2020 Patch Tuesday, SAP released 12 security notes and updated three previously released ones.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/MJIWsmc7ri0/
Related news
- Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws (source)
- May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) (source)
- June 2024 Patch Tuesday forecast: Multiple announcements from Microsoft (source)
- Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Microsoft: APT28 hackers exploit Windows flaw reported by NSA (source)
- Microsoft says April Windows updates break VPN connections (source)
- Microsoft: April Windows Server updates cause NTLM auth failures (source)
- Microsoft won't fix Windows 0x80070643 errors, manual fix required (source)
- Microsoft tests using MT/s for memory speed in Windows 11 Task Manager (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-11 | CVE-2020-17087 | Incorrect Calculation of Buffer Size vulnerability in Microsoft products Windows Kernel Local Elevation of Privilege Vulnerability | 7.8 |