126 CVEs fixed during the November Patch Tuesday updates

Reading time icon 3 min. read


Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

Key notes

  • No less than 126 CVEs are brought into discussion during the November Patch Tuesday updates.
  • These CVEs are related to common vulnerabilities and exposures found in Microsoft and Adobe.
  • To keep your PC secure, don’t hesitate to take a look at our Security & Privacy section as well.
  • Find all about Microsoft's scheduled security fix release on every second Tuesday of a month from our Patch Tuesday Hub.
Patch Tuesday

Microsoft’s scheduled release of the latest security fixes for its Windows operating system and software applications brings countless new fixes and tweaks for Windows 10 users this month.

Quite a few cybersecurity incidents took place in 2020. Therefore, there is no surprise that the November Patch Tuesday updates include dozens of security enhancements.

Take a closer look at this quick rundown on the number of CVEs that have been tracked down this year:


Vulnerabilities identified this month

As usual, Microsoft products present the highest number of vulnerabilities, with 112 found out of the total 126, the remaining 14 being related to Adobe products.

Vulnerabilities found in Adobe products

This month’s vulnerabilities were identified for the following Adobe products: Acrobat and Reader.

Four of these CVEs were rated as Critical and could lead to code execution if a user opened a specially crafted PDF.

Vulnerabilities found in Microsoft products

As expected, quite a few Microsoft products were affected by vulnerabilities. These include products like Microsoft Windows, Office and Office Services and Web Apps, Internet Explorer, Edge (EdgeHTML-based and Chromium-based), Microsoft Teams, Exchange Server, Microsoft Dynamics, Azure Sphere, Windows Defender, Visual Studio, and ChakraCore.

Of these 112 patches, 17 were rated as Critical, 93 were rated as Important, and 2 were considered Low in severity.

Which were some of the most severe CVEs?

Of the 126 discovered vulnerabilities, here are those that stood out more than the others:

  • CVE-2020-17087 – Windows Kernel Local Elevation of Privilege Vulnerability
  • CVE-2020-17084 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2020-17051 – Windows Network File System Remote Code Execution Vulnerability
  • CVE-2020-17040 – Windows Hyper-V Security Feature Bypass Vulnerability

Keep in mind that updating your PC is essential when it comes to getting the latest fixes and helping it run efficiently.

In fact, Patch Tuesday updates are far more important than all other regular updates. If you still don’t know how Patch Tuesday works, you’ll find all the answers you’re looking for in this dedicated guide.

For a complete list of all identified CVEs for the November Patch Tuesday updates, also take your time to check out this useful article.

If you are worried about other vulnerabilities that haven’t yet been covered this month, rest assured that they will most likely be fixed by the next Patch Tuesday updates. Keep an eye on us for fresh info.

[wl_navigator]

More about the topics: patch tuesday, windows 10 updates

User forum

0 messages