My TechDecisions

Uncategorized

Microsoft Issues Fixes for 129 Vulnerabilities in Patch Tuesday Release

Microsoft has released fixes for 129 vulnerabilities in what was some are calling the largest patch Tuesday in the history of the Windows operating system.

Leave a Comment

Microsoft Patch Tuesday

Microsoft has released fixes for 129 vulnerabilities in what was some are calling the largest patch Tuesday in the history of the Windows operating system.

However, none of the bugs addressed in this months’ updates are known to have been exploited or known prior to the release, but there are some that warrant special attention for enterprises and companies working remotely.

According to cybersecurity journalist Brian Krebbs, a chief concern among the patches is a trio of vulnerabilities in the Windows file sharing technology, also known as Microsoft Server Message Block or “SMB” service.

Perhaps most troubling of these (CVE-2020-1301) is a remote code execution bug in SMB capabilities built into Windows 7 and Windows Server 2008 systems — both operating systems that Microsoft stopped supporting with security updates in January 2020. One mitigating factor with this flaw is that an attacker would need to be already authenticated on the network to exploit it, according to security experts at Tenable.

The SMB fixes follow closely on news that proof-of-concept code was published this week that would allow anyone to exploit a critical SMB flaw Microsoft patched for Windows 10 systems in March (CVE-2020-0796). Unlike this month’s critical SMB bugs, CVE-2020-0796 does not require the attacker to be authenticated to the target’s network. And with countless company employees now working remotely, Windows 10 users who have not yet applied updates from March or later could be dangerously exposed right now.

Read Next: US Cybersecurity Officials Warn of Windows 10 Vulnerability

Other security patches address issues in Microsoft SharePoint, Microsoft Excel, Micorosft Edge, Internet Explorer, Microsoft Defender, Azure DevOps, Adobe Flash Player, Word for Andoid, Windows Graphics Device Interface and others.

Visit Microsoft’s official Security Response Center for more information on the updates and how to ensure your IT department is keeping your organization protected against malicious actors who keep tabs on Windows security patches and attempt to exploit vulnerable machines before they’re patched.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Reader Interactions

Leave a Reply

Your email address will not be published.

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Download TechDecisions' Blueprint Series report on Security Awareness now!
Blueprint Series: Why Your Security Awareness Program is Probably Falling Short

Learn about the evolution of phishing attacks and best practices for security awareness programs to ensure your organization is properly prepared t...

Workplace Collaboration Tools for Corporate Spaces
Workplace Collaboration Tools for Corporate Spaces

From lobbies and shared spaces to conference rooms and multipurpose facilities, you need high-performing AV technology to effectively share informa...

ChatGPT, generative AI, enterprise, workplace
Blueprint Series: ChatGPT and Generative AI in the Workplace

This latest release of the TechDecisions Blueprint Series explores the new phenomenon of tools such as ChatGPT and how IT leaders should go about d...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!
Sharp Microsoft Collaboration HQ Logo

Learn More About the
Windows Collaboration Display

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ