Security News > 2020 > November > Microsoft Releases Windows Security Updates For Critical Flaws
Microsoft formally released fixes for 112 newly discovered security vulnerabilities as part of its November 2020 Patch Tuesday, including an actively exploited zero-day flaw disclosed by Google's security team last week.
Outside of the zero-day, the update fixes a number of remote code execution vulnerabilities impacting Exchange Server, Network File System, and Microsoft Teams, as well as a security bypass flaw in Windows Hyper-V virtualization software.
As with the zero-day, the advisories associated with these security shortcomings are light on descriptions, with little to no information on how these RCE flaws are abused or which security feature in Hyper-V is being bypassed.
Other critical flaws fixed by Microsoft this month include memory corruption vulnerabilities in Microsoft Scripting Engine and Internet Explorer, and multiple RCE flaws in HEVC Video Extensions Codecs library.
To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates.
News URL
Related news
- Microsoft: January Windows security updates break audio playback (source)
- Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities (source)
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Critical security hole in Apache Struts under exploit (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
- Windows 11 installation media bug causes security update failures (source)
- Microsoft adds another problem to the Windows 11 24H2 naughty list (source)
- Windows 11 Media Update Bug Stops Security Updates (source)
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- Windows 10 users urged to upgrade to avoid "security fiasco" (source)