cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

General Discussions

elstaci
MVP
‎06-09-2020 02:53 PM

Microsoft June 2020 Patch Tuesday fixes 129 vulnerabilities

Another ZDNET article about Microsoft and Windows latest Patch Tuesday: Microsoft June 2020 Patch Tuesday fixes 129 vulnerabilities | ZDNet 

With all these security patches installed wonder how it will affect Windows performance in the long run.

_______________________________________________________________________________________________

This month's updates have started rolling out earlier today.

Microsoft has released today the June 2020 Patch Tuesday, the company's monthly security updates.

This month, Redmond engineers have patched 129 vulnerabilities, making this the largest Patch Tuesday release in the company's history.

The good news is that despite this month's bulkiness, none of the vulnerabilities have been exploited in the wild before Microsoft released patches today (no zero-days).

System administrators who manage large fleets of computers -- such as those deployed across enterprises and government organizations -- are advised to test today's updates for any bugs and deploy them as soon as possible.

Malware authors are known to keep on eye out on Microsoft's monthly security updates, select the most useful bugs, and patch-diff the security updates to find the exact bug that Microsoft fixed -- so they can weaponize it as soon as possible.

Among the most serious bugs patched this month, we list:

Below is some useful information about today's Patch Tuesday, but also the security updates released by other companies this month.

  • Microsoft's official Security Update Guide portal lists all security updates in a filterable table.
  • ZDNet has published this file listing all this month's security advisories on one single page.
  • Adobe's security updates are detailed here.
  • SAP security updates are available here.
  • VMWare security updates are available here.
  • Intel security updates are detailed here.
  • Firefox security updates have been released last week, with the release of Firefox v77.
  • The Android Security Bulletin for June 2020 is detailed here. Patches started rolling out to users' phones last week.
TagCVE IDCVE Title
Android AppCVE-2020-1223Word for Android Remote Code Execution Vulnerability
AppsCVE-2020-1329Microsoft Bing Search Spoofing Vulnerability
Azure DevOpsCVE-2020-1327Azure DevOps Server HTML Injection Vulnerability
Diagnostics HubCVE-2020-1278Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Diagnostics HubCVE-2020-1203Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability
Diagnostics HubCVE-2020-1202Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability
HoloLensCVE-2020-1199Windows Feedback Hub Elevation of Privilege Vulnerability
Internet ExplorerCVE-2020-1315Internet Explorer Information Disclosure Vulnerability
Microsoft BrowsersCVE-2020-1219Microsoft Browser Memory Corruption Vulnerability
Microsoft EdgeCVE-2020-1242Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge (Chromium-based) in IE ModeCVE-2020-1220Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability
Microsoft Graphics ComponentCVE-2020-1207Win32k Elevation of Privilege Vulnerability
Microsoft Graphics ComponentCVE-2020-1258DirectX Elevation of Privilege Vulnerability
Microsoft Graphics ComponentCVE-2020-1251Win32k Elevation of Privilege Vulnerability
Microsoft Graphics ComponentCVE-2020-1160Microsoft Graphics Component Information Disclosure Vulnerability
Microsoft Graphics ComponentCVE-2020-0915Windows GDI Elevation of Privilege Vulnerability
Microsoft Graphics ComponentCVE-2020-1253Win32k Elevation of Privilege Vulnerability
Microsoft Graphics ComponentCVE-2020-1348Windows GDI Information Disclosure Vulnerability
Microsoft Graphics ComponentCVE-2020-0986Windows Kernel Elevation of Privilege Vulnerability
Microsoft Graphics ComponentCVE-2020-0916Windows GDI Elevation of Privilege Vulnerability
Microsoft JET Database EngineCVE-2020-1236Jet Database Engine Remote Code Execution Vulnerability
Microsoft JET Database EngineCVE-2020-1208Jet Database Engine Remote Code Execution Vulnerability
Microsoft Malware Protection EngineCVE-2020-1163Microsoft Windows Defender Elevation of Privilege Vulnerability
Microsoft Malware Protection EngineCVE-2020-1170Microsoft Windows Defender Elevation of Privilege Vulnerability
Microsoft OfficeCVE-2020-1226Microsoft Excel Remote Code Execution Vulnerability
Microsoft OfficeCVE-2020-1225Microsoft Excel Remote Code Execution Vulnerability
Microsoft OfficeCVE-2020-1229Microsoft Outlook Security Feature Bypass Vulnerability
Microsoft OfficeCVE-2020-1321Microsoft Office Remote Code Execution Vulnerability
Microsoft OfficeCVE-2020-1322Microsoft Project Information Disclosure Vulnerability
Microsoft Office SharePointCVE-2020-1289Microsoft SharePoint Spoofing Vulnerability
Microsoft Office SharePointCVE-2020-1181Microsoft SharePoint Server Remote Code Execution Vulnerability
Microsoft Office SharePointCVE-2020-1148Microsoft SharePoint Spoofing Vulnerability
Microsoft Office SharePointCVE-2020-1183Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePointCVE-2020-1318Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePointCVE-2020-1295Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office SharePointCVE-2020-1298Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePointCVE-2020-1323SharePoint Open Redirect Vulnerability
Microsoft Office SharePointCVE-2020-1297Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePointCVE-2020-1178Microsoft SharePoint Server Elevation of Privilege Vulnerability
Microsoft Office SharePointCVE-2020-1177Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePointCVE-2020-1320Microsoft Office SharePoint XSS Vulnerability
Microsoft Scripting EngineCVE-2020-1260VBScript Remote Code Execution Vulnerability
Microsoft Scripting EngineCVE-2020-1215VBScript Remote Code Execution Vulnerability
Microsoft Scripting EngineCVE-2020-1230VBScript Remote Code Execution Vulnerability
Microsoft Scripting EngineCVE-2020-1073Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting EngineCVE-2020-1214VBScript Remote Code Execution Vulnerability
Microsoft Scripting EngineCVE-2020-1216VBScript Remote Code Execution Vulnerability
Microsoft Scripting EngineCVE-2020-1213VBScript Remote Code Execution Vulnerability
Microsoft WindowsCVE-2020-1324Windows Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1162Windows Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1305Windows State Repository Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1313Windows Update Orchestrator Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1316Windows Kernel Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1309Microsoft Store Runtime Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1312Windows Installer Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1306Windows Runtime Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1296Windows Diagnostics & feedback Information Disclosure Vulnerability
Microsoft WindowsCVE-2020-1270Windows WLAN Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1255Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1283Windows Denial of Service Vulnerability
Microsoft WindowsCVE-2020-1263Windows Error Reporting Information Disclosure Vulnerability
Microsoft WindowsCVE-2020-1259Windows Host Guardian Service Security Feature Bypass Vulnerability
Microsoft WindowsCVE-2020-1268Windows Service Information Disclosure Vulnerability
Microsoft WindowsCVE-2020-1290Win32k Information Disclosure Vulnerability
Microsoft WindowsCVE-2020-1291Windows Network Connections Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1292OpenSSH for Windows Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1317Group Policy Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1244Connected User Experiences and Telemetry Service Denial of Service Vulnerability
Microsoft WindowsCVE-2020-1241Windows Kernel Security Feature Bypass Vulnerability
Microsoft WindowsCVE-2020-1314Windows Text Service Framework Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1271Windows Backup Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1222Microsoft Store Runtime Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1120Connected User Experiences and Telemetry Service Denial of Service Vulnerability
Microsoft WindowsCVE-2020-1201Windows Now Playing Session Manager Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1233Windows Runtime Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1246Windows Kernel Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1235Windows Runtime Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1234Windows Error Reporting Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1197Windows Error Reporting Manager Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1194Windows Registry Denial of Service Vulnerability
Microsoft WindowsCVE-2020-1231Windows Runtime Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1209Windows Network List Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1204Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1307Windows Kernel Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1211Connected Devices Platform Service Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1196Windows Print Configuration Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1334Windows Runtime Elevation of Privilege Vulnerability
Microsoft WindowsCVE-2020-1217Windows Runtime Information Disclosure Vulnerability
Microsoft Windows PDFCVE-2020-1248GDI+ Remote Code Execution Vulnerability
Open Source SoftwareCVE-2020-1340NuGetGallery Spoofing Vulnerability
System CenterCVE-2020-1331System Center Operations Manager Spoofing Vulnerability
Visual StudioCVE-2020-1343Visual Studio Code Live Share Information Disclosure Vulnerability
Windows COMCVE-2020-1311Component Object Model Elevation of Privilege Vulnerability
Windows Diagnostic HubCVE-2020-1293Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Windows Diagnostic HubCVE-2020-1257Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability
Windows Error ReportingCVE-2020-1261Windows Error Reporting Information Disclosure Vulnerability
Windows InstallerCVE-2020-1272Windows Installer Elevation of Privilege Vulnerability
Windows InstallerCVE-2020-1302Windows Installer Elevation of Privilege Vulnerability
Windows InstallerCVE-2020-1277Windows Installer Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1276Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1310Win32k Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1273Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1280Windows Bluetooth Service Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1275Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1247Win32k Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1274Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1262Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1237Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1266Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1269Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1282Windows Runtime Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1264Windows Kernel Elevation of Privilege Vulnerability
Windows KernelCVE-2020-1265Windows Runtime Elevation of Privilege Vulnerability
Windows Lock ScreenCVE-2020-1279Windows Lockscreen Elevation of Privilege Vulnerability
Windows MediaCVE-2020-1238Media Foundation Memory Corruption Vulnerability
Windows MediaCVE-2020-1304Windows Runtime Elevation of Privilege Vulnerability
Windows Media PlayerCVE-2020-1239Media Foundation Memory Corruption Vulnerability
Windows Media PlayerCVE-2020-1232Media Foundation Information Disclosure Vulnerability
Windows OLECVE-2020-1281Windows OLE Remote Code Execution Vulnerability
Windows OLECVE-2020-1212OLE Automation Elevation of Privilege Vulnerability
Windows Print Spooler ComponentsCVE-2020-1300Windows Remote Code Execution Vulnerability
Windows ShellCVE-2020-1299LNK Remote Code Execution Vulnerability
Windows ShellCVE-2020-1286Windows Shell Remote Code Execution Vulnerability
Windows SMBCVE-2020-1206Windows SMBv3 Client/Server Information Disclosure Vulnerability
Windows SMBCVE-2020-1284Windows SMBv3 Client/Server Denial of Service Vulnerability
Windows SMBCVE-2020-1301Windows SMB Remote Code Execution Vulnerability
Windows Update StackCVE-2020-1254Windows Modules Installer Service Elevation of Privilege Vulnerability
Windows Wallet ServiceCVE-2020-1294Windows WalletService Elevation of Privilege Vulnerability
Windows Wallet ServiceCVE-2020-1287Windows WalletService Elevation of Privilege Vulnerability
8 Replies
kingfish
MVP
‎06-09-2020 05:48 PM

You need to reinstall win10....lol

elstaci
In response to kingfish
MVP
‎06-09-2020 05:56 PM

Yes, Doing a Clean Windows Installation will definitely fix all those security holes in Windows (-: .

black_zion
In response to elstaci
MVP
‎06-09-2020 07:23 PM

Microsoft Executive: We fixed 127 issues at one time!!!!

Microsoft Engineer: And created ‭3012660018457659544809977077527059692324164918673621799053346900596667207618480809067860692097713761984609779945772783965563851033300772326297773087851869982500270661791244122597621760000000000000000000000000000000‬ problems...

black_zion
In response to black_zion
MVP
‎06-09-2020 07:58 PM

Also don't forget:

So the question becomes: Will Windows 10X become a free update from Windows 10 given how Windows 10 was supposed to be "the last version of Windows"?


https://www.forbes.com/sites/gordonkelly/2020/06/09/microsoft-windows-10-update-warnings-printer-external-display-internet-connection-free-windows-10-upgrade/

elstaci
In response to black_zion
MVP
‎06-09-2020 08:17 PM

Nice Windows 10X article by this tech site: What Is Windows 10X, and How Is It Different? 

Seems like Windows 10X will be very secured since no Apps will be accessing Windows Core files. All Apps will run in containers to prevent them from interacting with Windows Core Files. I guess it is similar to Windows Sandbox.

0 Likes
black_zion
In response to elstaci
MVP
‎06-09-2020 08:37 PM

More akin to how mobile OSs, especially Android, operate. Have to wait until it makes its appearance known though to see if it will bring a large memory overhead that containers usually bring to the table.

0 Likes
kingfish
In response to black_zion
MVP
‎06-09-2020 08:53 PM

I use containers on Firefox and like the security but to containerize the net? Is that what they are saying or just apps you have installed?

0 Likes
black_zion
In response to kingfish
MVP
‎06-09-2020 11:47 PM

According to WindowsLatest, it's just a glorified Windows 10 S Mode. Aside from the lack of system tray icons, there's no ability to edit the registry, no malware scanners, and, to quote them:

So it sounds to me like Microsoft is still on their "Good, bad" cycle, and 10X looks to be as big of a fuster cuck as Windows 10S, Windows 8, and Windows ME combined and multiplied by a factor of 10. Pray to all the various deities that Windows 10X is just a VARIANT of Windows 10, like Windows 10S, which is completely optional, and not in any way a replacement or the "future" of Windows.

https://www.windowslatest.com/2020/05/10/whats-new-in-windows-10x/