Patch Tuesday February 2020: Update Highlights and Known Issues


Radu Tyrsina
by Radu Tyrsina
Founder & Editor-in-Chief
Loading Comments
Affiliate Disclosure

windows 10 patch tuesday

Patch Tuesday February 2020 Edition

Microsoft rolled out the February 2020 Patch Tuesday updates on February 11, 2020. As always, with this batch of updates, the Redmond giant focuses on improving the overall functionality of the OS and fixing existing bugs.

This month’s updates are all about improving the security of most Windows components and apps. If you want to install the latest updates, you can check out this guide where you’ll also find the direct download links.

We already covered the key changes in these posts. Do check them out to learn what’s new:

What are the main updates

  • Microsoft Windows

Microsoft rolls out different Patch Tuesday updates for all the Windows 10 versions currently supported. For more information on the latest updates, check out our Windows 10 Patch Tuesday update history page.

  • Internet Explorer

Earlier in January, Microsoft acknowledged an Internet Explorer zero-day vulnerability – CVE-2020-0674. With February’s Patch Tuesday updates, the company addressed the Scripting Engine Memory Corruption Vulnerability.

The fix for the CVE prevents an attacker from executing arbitrary code and denies him the same rights as the current user.

  • Microsoft Hyper-V

Hyper-V is Windows 10‘s built-in hypervisor. You can use this tool to emulate various third-party software and operating systems on your computer.

The latest Patch Tuesday updates improved Hyper-V‘s functionality by fixing a Denial of Service vulnerability that would allow an attacker who already has a privileged account on a guest operating system to run a specially crafted application that would crash the host machine. Microsoft fixed this issue by correcting how Hyper-V validates user input.

The Graphics Device Interface (also known as GDI) is a Windows component that represents graphical objects to monitors and printers. This month’s cumulative updates fixed a Graphics Device Interface vulnerability that would allow arbitrary code execution if the attacker used this vulnerability in combination with another vulnerability.

  • Win32k 

Microsoft patched a critical elevation of privilege vulnerability that allowed hackers to run arbitrary code in kernel mode. Attackers could install programs, as well as view, change, or delete data. This vulnerability also allowed hackers to create new accounts with full user rights.

  • Adobe

Adobe rolled out security updates for most of its products. There are around 42 CVEs patched in February. You can read more about each update in this quick guide.

Patch Tuesday list of CVEs

If you want to learn more about this month’s list of common vulnerabilities and exposures, you can check out the table below:

TagCVE IDCVE TitleSeverity
Adobe Flash PlayerADV200003February 2020 Adobe Flash Security UpdateImportant
Internet ExplorerCVE-2020-0674Scripting Engine Memory Corruption VulnerabilityModerate
Internet ExplorerCVE-2020-0673Scripting Engine Memory Corruption VulnerabilityModerate
Microsoft EdgeCVE-2020-0663Microsoft Edge Elevation of Privilege VulnerabilityImportant
Microsoft EdgeCVE-2020-0706Microsoft Browser Information Disclosure VulnerabilityImportant
Microsoft Exchange ServerCVE-2020-0692Microsoft Exchange Server Elevation of Privilege VulnerabilityImportant
Microsoft Exchange ServerCVE-2020-0688Microsoft Exchange Memory Corruption VulnerabilityImportant
Microsoft Exchange ServerCVE-2020-0696Microsoft Outlook Security Feature Bypass VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0744Windows GDI Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0745Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0714DirectX Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0715Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0746Microsoft Graphics Components Information Disclosure VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0709DirectX Elevation of Privilege VulnerabilityImportant
Microsoft Graphics ComponentCVE-2020-0792Windows Graphics Component Elevation of Privilege VulnerabilityImportant
Microsoft Malware Protection EngineCVE-2020-0733Windows Malicious Software Removal Tool Elevation of Privilege VulnerabilityImportant
Microsoft OfficeCVE-2020-0697Microsoft Office Tampering VulnerabilityImportant
Microsoft OfficeCVE-2020-0759Microsoft Excel Remote Code Execution VulnerabilityImportant
Microsoft OfficeCVE-2020-0695Microsoft Office Online Server Spoofing VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0694Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Office SharePointCVE-2020-0693Microsoft Office SharePoint XSS VulnerabilityImportant
Microsoft Scripting EngineCVE-2020-0713Scripting Engine Memory Corruption VulnerabilityCritical
Microsoft Scripting EngineCVE-2020-0711Scripting Engine Memory Corruption VulnerabilityCritical
Microsoft Scripting EngineCVE-2020-0710Scripting Engine Memory Corruption VulnerabilityCritical
Microsoft Scripting EngineCVE-2020-0712Scripting Engine Memory Corruption VulnerabilityCritical
Microsoft Scripting EngineCVE-2020-0767Scripting Engine Memory Corruption VulnerabilityCritical
Microsoft WindowsCVE-2020-0741Connected Devices Platform Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0742Connected Devices Platform Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0740Connected Devices Platform Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0658Windows Common Log File System Driver Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-0737Windows Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0659Windows Data Sharing Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0739Windows Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0757Windows SSH Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0732DirectX Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0753Windows Error Reporting Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0755Windows Key Isolation Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-0754Windows Error Reporting Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0657Windows Common Log File System Driver Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0667Windows Search Indexer Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0743Connected Devices Platform Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0666Windows Search Indexer Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0748Windows Key Isolation Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-0747Windows Data Sharing Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0668Windows Kernel Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0704Windows Wireless Network Manager Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0685Windows COM Server Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0676Windows Key Isolation Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-0678Windows Error Reporting Manager Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0703Windows Backup Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0680Windows Function Discovery Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0679Windows Function Discovery Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0681Remote Desktop Client Remote Code Execution VulnerabilityCritical
Microsoft WindowsCVE-2020-0677Windows Key Isolation Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-0682Windows Function Discovery Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0756Windows Key Isolation Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-0670Windows Kernel Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0675Windows Key Isolation Service Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-0669Windows Kernel Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0727Connected User Experiences and Telemetry Service Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0671Windows Kernel Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0672Windows Kernel Elevation of Privilege VulnerabilityImportant
Microsoft WindowsCVE-2020-0698Windows Information Disclosure VulnerabilityImportant
Microsoft WindowsCVE-2020-0701Windows Client License Service Elevation of Privilege VulnerabilityImportant
Microsoft Windows Search ComponentCVE-2020-0735Windows Search Indexer Elevation of Privilege VulnerabilityImportant
Remote Desktop ClientCVE-2020-0734Remote Desktop Client Remote Code Execution VulnerabilityCritical
Secure BootCVE-2020-0689Microsoft Secure Boot Security Feature Bypass VulnerabilityImportant
SQL ServerCVE-2020-0618Microsoft SQL Server Reporting Services Remote Code Execution VulnerabilityImportant
Windows Authentication MethodsCVE-2020-0665Active Directory Elevation of Privilege VulnerabilityImportant
Windows COMCVE-2020-0752Windows Search Indexer Elevation of Privilege VulnerabilityImportant
Windows COMCVE-2020-0749Connected Devices Platform Service Elevation of Privilege VulnerabilityImportant
Windows COMCVE-2020-0750Connected Devices Platform Service Elevation of Privilege VulnerabilityImportant
Windows Hyper-VCVE-2020-0751Windows Hyper-V Denial of Service VulnerabilityImportant
Windows Hyper-VCVE-2020-0662Windows Remote Code Execution VulnerabilityCritical
Windows Hyper-VCVE-2020-0661Windows Hyper-V Denial of Service VulnerabilityImportant
Windows InstallerCVE-2020-0686Windows Installer Elevation of Privilege VulnerabilityImportant
Windows InstallerCVE-2020-0683Windows Installer Elevation of Privilege VulnerabilityImportant
Windows InstallerCVE-2020-0728Windows Modules Installer Service Information Disclosure VulnerabilityImportant
Windows KernelCVE-2020-0722Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0721Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0719Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0720Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0723Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0731Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0726Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0724Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0725Win32k Elevation of Privilege VulnerabilityImportant
Windows KernelCVE-2020-0717Win32k Information Disclosure VulnerabilityImportant
Windows KernelCVE-2020-0736Windows Kernel Information Disclosure VulnerabilityImportant
Windows KernelCVE-2020-0716Win32k Information Disclosure VulnerabilityImportant
Windows Kernel-Mode DriversCVE-2020-0691Win32k Elevation of Privilege VulnerabilityImportant
Windows MediaCVE-2020-0738Media Foundation Memory Corruption VulnerabilityCritical
Windows NDISCVE-2020-0705Windows Network Driver Interface Specification (NDIS) Information Disclosure VulnerabilityImportant
Windows RDPCVE-2020-0660Windows Remote Desktop Protocol (RDP) Denial of Service VulnerabilityImportant
Windows ShellCVE-2020-0702Surface Hub Security Feature Bypass VulnerabilityImportant
Windows ShellCVE-2020-0655Remote Desktop Services Remote Code Execution VulnerabilityImportant
Windows ShellCVE-2020-0730Windows User Profile Service Elevation of Privilege VulnerabilityImportant
Windows ShellCVE-2020-0729LNK Remote Code Execution VulnerabilityCritical
Windows ShellCVE-2020-0707Windows IME Elevation of Privilege VulnerabilityImportant
Windows Update StackCVE-2020-0708Windows Imaging Library Remote Code Execution VulnerabilityImportant

What are the best practices for Patch Tuesday

There are a few things that you can do in order to make sure that your computer installs the latest Patch Tuesday updates without any issues. We all know that Windows updates often trigger errors. In extreme cases, they may even render your PC completely unusable. Follow these tips to make sure the update install process goes as smoothly as possible.

How to download the latest PT updates

We have a special category where we keep track of all the monthly releases for the products that you are interested in.

Exploit Wednesday & Uninstall Thursday

Right after Patch Tuesday, hackers try to exploit the vulnerabilities left unpatched by Microsoft. This leads to an increase in the number of cyber attacks. On the other hand, many users often decide to uninstall the Patch Tuesday updates a few hours after install due to the large number of issues they triggered — hence the name Uninstall Thursday. Check out this guide to learn more on how to stay safe after Patch Tuesday and make sure the updates don’t brick your computer.

Patch Tuesday: All your Questions Answered

  • When is Patch Tuesday released? Microsoft rolls out new Patch Tuesday updates on the second Tuesday of each month. The next Patch Tuesday Update is expected to arrive on February 11, 2020.
  • How does Patch Tuesday work? We already answered this question in this quick guide. Do check it out to learn more on the mechanisms behind Patch Tuesday.
  • What is the bandwidth impact of Patch Tuesday? When actively downloading updates, you may experience slow connection issues on your Windows 10 computer. This happens especially when updating multiple PCs at the same time. The solution is to distribute the updates locally via WSUS. This means downloading the updates from Microsoft Servers. Then, your Windows 10 computers can share the updates in a peer-to-peer manner over the local network resulting in a faster update process.

Patch Tuesday Troubleshooting

Oftentimes, Patch Tuesday updates trigger various errors on Windows computers. These may range from minor glitches to technical issues that may render your computer unusable. We covered extensively Patch Tuesday issues we compiled hundreds of troubleshooting guides to help you solve these problems quickly.