- The June Patch Tuesday Updates have brought fixes to 139 CVEs.
- Some of these CVEs apply to Adobe products, while the others are found in Microsoft products.
- Thankfully enough, these CVEs were dealt with accordingly, removing any threat when using these tools.
- For more articles on the topic, visit our comprehensive Patch Tuesday page.
As you probably guessed already, Patch Tuesday is already here, and Microsoft has yet again released a new round of major updates for all versions of Windows 10.
What makes this al the more interesting is that this is also the first round of Patch Tuesday updates since the launch of Windows 10 v2004.
Of course, an entirely new version of Windows 10 also means that news CVEs have the potential to appear and need fixing, at least now in the beginning phase.
Those of you that frequently stay in touch with what is happening in the security world will probably have noticed that there has been a steady increase in CVEs since the beginning of the year.
Here’s a brief summary of how these CVEs have been handled:
139 CVEs got fixed during the June Update
As a whole, this month’s round of Patch Tuesday Updates as a whole brings fixes to 10 Adobe-related CVEs, and 129 Microsoft-related CVEs, totalling 139 CVEs.
10 CVEs were identified so far, and they involve Adobe Flash, Experience Manager, and Framemaker.
The 10 CVEs identified were rated as follows:
- 2 are rated as Critical
- 1 is rated as Important
Thankfully enough, none of the bugs patched by Adobe this month were listed as being publicly known, more were they flagged as being under active attack.
As mentioned above, 129 CVEs were identified this month, spanning a wide variety of Microsoft apps and services.
These include Microsoft Windows, Internet Explorer (IE), Microsoft Edge, ChakraCore, Office and Microsoft Office Services.
More so, CVEs were also discovered pertaining Web Apps, Windows Defender, Microsoft Dynamics, Visual Studio, Azure DevOps, and Microsoft Apps for Android.
The 129 CVEs identified were rated as follows:
- 11 are rated as being Critical
- 118 are rated as being Important
Which were some of the most severe CVEs?
- LNK Remote Code Execution Vulnerability
- Microsoft Outlook Security Feature Bypass Vulnerability
- Windows Remote Code Execution Vulnerability
- Windows OLE Remote Code Execution Vulnerability
These are just some of the most noteworthy CVEs covered by Microsoft during the June 2020 round of Patch Tuesday Updates.
For those of you that know of another CVE that has yet to be covered, you’ll have to wait until July 14 for the next round of fixes.
- Who maintains CVEs?
- What is CVE in security?
The number attributed to a CVE is the CVE ID number assigned to a security flaw, and it is unique from case to case.