CVEs found in October finally dropped to just 88
3 min. read
Published on
Share this article
Improve this guide
Read our disclosure page to find out how can you help Windows Report sustain the editorial team. Read more
Key notes
- The October Patch Tuesday updates have come with only 88 CVE reports.
- The vulnerabilities that were discovered cover mostly Microsoft and just 1 Adobe product.
- To keep your computer safe, get the latest Patch Tuesday updates as soon as possible.
- This is a very important Microsoft event so learn more about it from our Patch Tuesday page.
With the October Patch Tuesday updates, the center focus of pretty much everyone is the security improvements.
Of course, with new updates, everyone is looking for the new features and improvements but the central point of the Patch Tuesday updates is the list of CVEs that accompany it.
With the current pandemy, 2020 was a hard year for security. Unfortunately, the numbers detected until now exceeded the entirety of last year.
Here’s a little rundown on the number of CVEs that have been tracked down this year:
- February: 99 CVEs
- March: 115 CVEs
- April: 118 CVEs
- May: 147 CVEs
- June: 139 CVEs
- July: 136 CVEs
- August: 146 CVEs
- September: 147 CVEs
There is, however, a little spark at the end of the tunnel as the October Patch Tuesday delivers only 88 vulnerabilities that have been detected and dealt with.
It’s the second month of this year with less than 100 flagged vulnerabilities and the smallest number this year.
As usual, these affect both Microsoft and Adobe products, ranging in severity from Important to Critical.
Only 88 vulnerabilities were identified this month
As it was expected, the Microsoft products were found the most vulnerable, with 87 out of the total of 88, the remaining vulnerability attributed to Adobe products.
Vulnerabilities found in Adobe Products
This month vulnerabilities were found for one Adobe product, and that is Flash.
It’s imperative to note that Flash will reach the end of life at the end of this year. Also, the patch is meant to fix a NULL pointer Deference bug.
Vulnerabilities found in Microsoft Products
There were a lot more Microsoft products affected by vulnerabilities according to the new discoveries.
These include products like Microsoft Windows, Office, Exchange Server, Microsoft Dynamics, Visual Studio, .NET Framework, Windows Codecs Library, and more.
Of the 87 total vulnerabilities discovered, 11 were rated as Critical, 75 were listed as Important, and one was labeled as Moderate.
What were considered the most severe CVEs?
Of the 87 discovered vulnerabilities, there are some that stood out:
- CVE-2020-16898
- Windows TCP/IP Remote Code Execution Vulnerability
- CVE-2020-16947
- Microsoft Outlook Remote Code Execution Vulnerability
- CVE-2020-16891
- Windows Hyper-V Remote Code Execution Vulnerability
- CVE-2020-16909
- Windows Error Reporting Elevation of Privilege Vulnerability
As mentioned above, vulnerabilities suffered an abrupt fall, and while October does boast only 88 vulnerabilities, this is just a reminder that only last month there were 147 vulnerabilities found.
If you want to read the complete list of all identified CVEs for the October Patch Tuesday updates, check this dedicated article, and you’ll find all the information there.
For download links and more information, this comprehensive article will give you all the details.
If you have any knowledge of any other vulnerabilities that were not covered this month, then it will probably be fixed by the next Patch Tuesday updates.
Speaking of which, the next round of updates will be available starting with November 10.
[wl_navigator]
User forum
0 messages