The July Patch Tuesday Updates come with fixes for 136 CVEs

Milan Stanojevic
by Milan Stanojevic
Deputy Editor
0 Comments
Download PDF
Affiliate Disclosure

  • The July Patch Tuesday Updates have brought fixes to 136 CVEs.
  • These CVEs include both Microsoft and Adobe products, with various grades of severity.
  • Fortunately enough, these CVEs were dealt with, so anyone getting the latest updates is safe.
  • To read more about this special Microsoft event, visit our comprehensive Patch Tuesday page.
July patch tuesday CVEs

Microsoft has just released the 7th round of Patch Tuesday updates of the year 2020, and they are known as the July Patch Tuesday updates.

These are monthly updates that are released in order to improve Windows 10 from both a feature point of view, as well as from a security point of view.

Speaking of security, this has been yet another fruitful month for Microsoft, as they managed to successfully managed to identify and fix 136 CVEs.

Those of you that have a particular interest in security will have probably noticed that this year market a steady increase in the number of average CVEs identified.

Like in all of the previous months, over a hundred CVEs were identified for Microsoft products, which is a trend that has got many users concerned.

As an example, 851 CVEs were fixe din the entirety of 2019, and if this trend keeps up, we will pass that number during the August updates.

Over 100 Microsoft CVEs got fixed along with the July updates

This month brings fixes to a total of 136 CVEs, 13 of which are for Adobe products, while 123 are for Microsoft products

Adobe-related CVEs

This month comes with fixes for 13 different Adobe CVEs, and they involve the Adobe Cold Fusion, Download Manager, Genuine Service, Media Encoder, and the Creative Cloud Desktop Application.

Of the 13 identified this month, 3 were rated as being Critical.

Fortunately enough, none of the Adobe bugs fixed this month were listed as being publicly known, and they weren’t flagged as being under active attack.

Microsoft-related CVEs

The products with vulnerabilities identified this month include Microsoft Windows, Edge in IE Mode, ChakraCore, Internet Explorer (IE), Office and Office Services and Web Apps.

More so, vulnerabilities were found for Windows Defender, Skype for Business, Visual Studio, .NET Framework, OneDrive, Azure DevOp, and Open Source Software.

The 123 CVEs identified were rated as follows:

  • 18 are rated as being Critical
  • 105 are rated as being Important

Which were some of the most severe CVEs?

  • CVE-2020-1350
    • Windows DNS Server Remote Code Execution Vulnerability
  • CVE-2020-1025
    • Microsoft Office Elevation of Privilege Vulnerability
  • CVE-2020-1147
    • .NET Framework, SharePoint Server, and Visual Studio Remote Code Execution Vulnerability
  • CVE-2020-1349
    • Microsoft Outlook Remote Code Execution Vulnerability

These are just some of the most severe CVEs that were identified during the July 2020 Patch Tuesday Updates. 


FAQ: Learn more about CVEs

  • What does CVE mean?

CVE stands for Common Vulnerabilities and Exposures.

  • Are CVEs important?

Yes, CVEs allow the standardization of identifies for vulnerabilities or exposures.

  • What is the difference between CVEs and CWEs?

While CVE stands for Common Vulnerabilities and Exposures, CWE stands for Common Weakness Enumeration. One deals with the instance or the product affected, while the other deals with the vulnerability itself.


If you know of other CVEs that haven’t been covered here, better luck seeing them fix on August 11, because that’s when the next Patch Tuesday updates will become available.

Until then, if you have any other suggestions on how to improve our articles, leave us your feedback in the comments section below.