126 CVEs fixed during the November Patch Tuesday updates
3 min. read
Published on
Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more
Key notes
- No less than 126 CVEs are brought into discussion during the November Patch Tuesday updates.
- These CVEs are related to common vulnerabilities and exposures found in Microsoft and Adobe.
- To keep your PC secure, don’t hesitate to take a look at our Security & Privacy section as well.
- Find all about Microsoft's scheduled security fix release on every second Tuesday of a month from our Patch Tuesday Hub.
Microsoft’s scheduled release of the latest security fixes for its Windows operating system and software applications brings countless new fixes and tweaks for Windows 10 users this month.
Quite a few cybersecurity incidents took place in 2020. Therefore, there is no surprise that the November Patch Tuesday updates include dozens of security enhancements.
Take a closer look at this quick rundown on the number of CVEs that have been tracked down this year:
- February: 99 CVEs
- March: 115 CVEs
- April: 118 CVEs
- May: 147 CVEs
- June: 139 CVEs
- July: 136 CVEs
- August: 146 CVEs
- September: 147 CVEs
- October: 88 CVES
Vulnerabilities identified this month
As usual, Microsoft products present the highest number of vulnerabilities, with 112 found out of the total 126, the remaining 14 being related to Adobe products.
Vulnerabilities found in Adobe products
This month’s vulnerabilities were identified for the following Adobe products: Acrobat and Reader.
Four of these CVEs were rated as Critical and could lead to code execution if a user opened a specially crafted PDF.
Vulnerabilities found in Microsoft products
As expected, quite a few Microsoft products were affected by vulnerabilities. These include products like Microsoft Windows, Office and Office Services and Web Apps, Internet Explorer, Edge (EdgeHTML-based and Chromium-based), Microsoft Teams, Exchange Server, Microsoft Dynamics, Azure Sphere, Windows Defender, Visual Studio, and ChakraCore.
Of these 112 patches, 17 were rated as Critical, 93 were rated as Important, and 2 were considered Low in severity.
Which were some of the most severe CVEs?
Of the 126 discovered vulnerabilities, here are those that stood out more than the others:
- CVE-2020-17087 – Windows Kernel Local Elevation of Privilege Vulnerability
- CVE-2020-17084 – Microsoft Exchange Server Remote Code Execution Vulnerability
- CVE-2020-17051 – Windows Network File System Remote Code Execution Vulnerability
- CVE-2020-17040 – Windows Hyper-V Security Feature Bypass Vulnerability
Keep in mind that updating your PC is essential when it comes to getting the latest fixes and helping it run efficiently.
In fact, Patch Tuesday updates are far more important than all other regular updates. If you still don’t know how Patch Tuesday works, you’ll find all the answers you’re looking for in this dedicated guide.
For a complete list of all identified CVEs for the November Patch Tuesday updates, also take your time to check out this useful article.
If you are worried about other vulnerabilities that haven’t yet been covered this month, rest assured that they will most likely be fixed by the next Patch Tuesday updates. Keep an eye on us for fresh info.
[wl_navigator]
User forum
0 messages