CVEs found in October finally dropped to just 88

Claudiu Andone
by Claudiu Andone
Windows & Software Expert
0 Comments
Download PDF
Affiliate Disclosure

CVEs dropped to just 88 in October

With the October Patch Tuesday updates, the center focus of pretty much everyone is the security improvements.

Of course, with new updates, everyone is looking for the new features and improvements but the central point of the Patch Tuesday updates is the list of CVEs that accompany it.

With the current pandemy, 2020 was a hard year for security. Unfortunately, the numbers detected until now exceeded the entirety of last year.

Here’s a little rundown on the number of CVEs that have been tracked down this year:

There is, however, a little spark at the end of the tunnel as the October Patch Tuesday delivers only 88 vulnerabilities that have been detected and dealt with.

It’s the second month of this year with less than 100 flagged vulnerabilities and the smallest number this year.

As usual, these affect both Microsoft and Adobe products, ranging in severity from Important to Critical.


Only 88 vulnerabilities were identified this month

As it was expected, the Microsoft products were found the most vulnerable, with 87 out of the total of 88, the remaining vulnerability attributed to Adobe products.

Vulnerabilities found in Adobe Products

This month vulnerabilities were found for one Adobe product, and that is Flash.

It’s imperative to note that Flash will reach the end of life at the end of this year. Also, the patch is meant to fix a NULL pointer Deference bug.

Vulnerabilities found in Microsoft Products

There were a lot more Microsoft products affected by vulnerabilities according to the new discoveries.

These include products like Microsoft Windows, Office, Exchange Server, Microsoft Dynamics, Visual Studio, .NET Framework, Windows Codecs Library, and more.

Of the 87 total vulnerabilities discovered, 11 were rated as Critical, 75 were listed as Important, and one was labeled as Moderate.

What were considered the most severe CVEs?

Of the 87 discovered vulnerabilities, there are some that stood out:

  • CVE-2020-16898
    • Windows TCP/IP Remote Code Execution Vulnerability
  • CVE-2020-16947 
    • Microsoft Outlook Remote Code Execution Vulnerability
  • CVE-2020-16891
    • Windows Hyper-V Remote Code Execution Vulnerability
  • CVE-2020-16909
    • Windows Error Reporting Elevation of Privilege Vulnerability

As mentioned above, vulnerabilities suffered an abrupt fall, and while October does boast only 88 vulnerabilities, this is just a reminder that only last month there were 147 vulnerabilities found.

If you want to read the complete list of all identified CVEs for the October Patch Tuesday updates, check this dedicated article, and you’ll find all the information there.

For download links and more information, this comprehensive article will give you all the details.

If you have any knowledge of any other vulnerabilities that were not covered this month, then it will probably be fixed by the next Patch Tuesday updates.

Speaking of which, the next round of updates will be available starting with November 10.