146 CVEs were fixed during the August Patch Tuesday updates
3 min. read
Updated on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Key notes
- 146 CVEs were brought to the user's attention during the August Patch Tuesday updates.
- These CVEs are about products from both the Microsoft and the Adobe family
- All of these CVEs were dealt with, so users are advised to update their OS as soon as possible.
- To find out more about this monthly Microsoft event, visit our comprehensive Patch Tuesday page.
The August Patch Tuesday Updates have arrived, and Microsoft has truly outdone itself this time, bringing tones of new fixes, tweaks, and features for the Windows 10 OS.
Of course, the highlight of these monthly updates is the security enhancements that everyone awaits, as it seems that 2020 has become an arms race between vulnerabilities and those that identify and fix them.
Here’s a brief rundown of how the year 2020 has been as far as CVEs are concerned:
Speaking of which, This month precisely 146 CVEs were identified and taken care of for both Microsoft and Adobe products as well.
Over 140 Microsoft and Adobe CVEs were identified
This month brings fixes to a total of 146 CVEs, 26 of which are for Adobe products, while 120 are for Microsoft products and, as usual, they vary in severity.
Adobe-related CVEs
26 CVEs were discovered this past month when it comes to Adobe products, and they affect programs like Adobe Lightroom and Acrobat Pro DC. These CVEs include common ones like Use-After-Free (UAF), OOB Write, stack exhaustion, and memory corruption bugs.
Compared to other months, only one of the 26 identified CVEs were rated as Critical, and it is called CVE-2020-9712.
Microsoft-related CVEs
A total of 120 CVEs were identified affecting Microsoft products like Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), ChakraCore, Internet Explorer (IE), Microsoft Scripting Engine, SQL Server, .NET Framework, ASP.NET Core, Office and Office Services and Web Apps, Windows Codecs Library, and Microsoft Dynamics
This month marks yet another time when over 100 CVE were fount, bringing the grand total for the year 2020 to 862, already exceeding the number of CVE identified in the entirety of 2019.
The 120 CVEs identified were rated as follows:
- 13 are rated as being Critical
- 107 are rated as being Important
Which were some of the most severe CVEs?
- CVE-2020-1380
- Scripting Engine Memory Corruption Vulnerability
- Scripting Engine Memory Corruption Vulnerability
- CVE-2020-1464
- Windows Spoofing Vulnerability
- Windows Spoofing Vulnerability
- CVE-2020-1472
- NetLogon Elevation of Privilege Vulnerability
- NetLogon Elevation of Privilege Vulnerability
- CVE-2020-1585
- Microsoft Windows Codecs Library Remote Code Execution Vulnerability
- Microsoft Windows Codecs Library Remote Code Execution Vulnerability
For a complete list of all identified CVEs for the August Patch Tuesday updates, head over to this dedicated article.
If you haven’t seen a vulnerability you are aware of on this list, then maybe you should wait until next month on September 8, since that’s when the next Patch Tuesday will be.
While a CVE is a common vulnerability and exposure, the CVSS is the overall score assigned to a vulnerability, which showcases how severe it is.
The CVE database is maintained by MITRE, as it maintains both the CVE dictionary and public website.
If you have any other suggestions for our articles, leave us your feedback in the comments section below.
[wl_navigator]
User forum
0 messages