Micro .ft Patch Tuesday, September 2020 Edition – Crabs on Security


Micro .ft Today it has released updates to address about 130 security vulnerabilities Windows operating operating system and supported software. Any vulnerabilities are currently considered to be under active exploitation, but 23 of them may be exploited by malware or malware to gain full control over a Windows computer with little or no help.

Most of Microsoft’s FFT deals with dangerous or “critical” errors with issues with various Windows operating operating systems and its web browsers. Internet Explorer And Edge. In September, Microsoft sent corrections to more than 100 bugs in its products, and for the fourth month in a row it fixed more than 120.

CVE-2020-16875 is a major concern for businesses this month, with significant flaws in email software software Micro .ft Exchange Server 2016 and 2019. An attacker can take advantage of Exchange Blogs to execute the code of his choice by sending a booby trapped email to an attacking Exchange server.

“It doesn’t totally make it accidental, but it’s the worst case scenario for Exchange Servers.” Dustin Children, Of Zero Day Initiative of Trend Micro. “We’ve seen previous Pace Exchange bug CVE-2020-0688 used in the wild, and it needs authentication. We will probably see this in the wild soon. This should be your priority. ”

It is also not good for companies to have CVE 2020-1210, supported versions with remote code execution flaws Micro .ft SharePoint Document management software or bad people can attack by uploading a file to a weak SharePoint site. Security pay firm Tenable Note that this error is reminiscent of CVE-2018-0604, another SharePoint problem that has been exploited for cybercriminal gain since April 2019.

Microsoft has fixed at least five other serious bugs in the SharePoint version 2010 from 2019 to 2019 that could be used to compromise systems running on this software. And because ransomware purveyors have a history of cracking down on SharePoint errors to spread waste in ventures, companies should definitely prioritize deploying these fixes, he says. Alan Liska, Senior Security Architect Record Future.

Todd Shell On Uvanti Reminds us that Patch Tuesday isn’t just about Windows updates: Google sent out an important update for its Chrome browser that fixes at least five security bugs that rate high intensity. If you use Chrome and see a small icon on the inside of the circle to the right of the address bar, it’s time to update. The remaining updates should be applied to completely close Chrome and restart it.

Once again, no security updates are available today Adobe Flash PlayerHowever, the company has sent out a non-security software update for the browser plugin. The last time Flash received a security update was in June 2020, indicating that researchers and / or attackers had stopped searching for bugs. Adobe says it will retire the plugin later this year, and Microsoft has said it plans to completely remove the program from all Microsoft .ft browsers by Windows Update by then.

Before you update with this month’s patch batch, please make sure you have backed up your system and / or important files. It’s not uncommon for Windows updates to have a system hose or prevent it from booting down, and some updates are known to erase or corrupt files.

So favor yourself and back up Before Install any patches. Windows 10 also has some built-in tools to help you, either on a per-file / folder basis or by making your hard drive complete and bootable at the same time.

And if you want to make sure that Windows has stopped updating, so that you can back up your files and / or system before you decide to reboot the operating system on its own schedule and install patches, check out this guide.

As always, if you experience difficulties or problems installing any of these patches this month, please consider making a comment about it below; There is also a great opportunity that other readers have also experienced and can use it here with some helpful tips.

Tags: Alan Liska, CVE-2020-1210, CVE-2020-16875, Dustin Childs, Ivanti, Micro Exchange Ft Server, Micro Microsoft Ft Patch Tuesday September 2020, Micro Share Ft SharePoint, Record Future, Tenable, Todd Day

This entry was posted on Tuesday, September 8th, 2020 at 5:33 pm and is filed under Security Tools, Time to Patch. You can follow any comments for this entry via the RSS 2.0 feed. You can skip to the end and leave a comment. Pinging is currently not allowed.