Microsoft 8 grudnia 2020 roku wydał nowy pakiet aktualizacji bezpieczeństwa w ramach comiesięcznego Patch Tuesday. Wydano łącznie 58 poprawek bezpieczeństwa, w tym 9 oznaczonych jako krytyczne.

Pełna lista poprawek:

Description
CVE Disclosed Exploited Exploitability (old versions) current version Severity CVSS Base (AVG) CVSS Temporal (AVG)
Azure DevOps Server Spoofing Vulnerability
CVE-2020-17135 No No Less Likely Less Likely Important 6.4 5.6
Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
CVE-2020-17145 No No Less Likely Less Likely Important 5.4 4.7
Azure SDK for C Security Feature Bypass Vulnerability
CVE-2020-17002 No No Less Likely Less Likely Important 7.4 6.4
Azure SDK for Java Security Feature Bypass Vulnerability
CVE-2020-16971 No No Less Likely Less Likely Important 7.4 6.4
Azure Sphere Security Feature Bypass Vulnerability
CVE-2020-17160 No No Less Likely Less Likely Important 7.4 6.4
Chakra Scripting Engine Memory Corruption Vulnerability
CVE-2020-17131 No No Less Likely Less Likely Critical 4.2 3.8
DirectX Graphics Kernel Elevation of Privilege Vulnerability
CVE-2020-17137 No No Less Likely Less Likely Important 7.8 6.8
Dynamics CRM Webclient Cross-site Scripting Vulnerability
CVE-2020-17147 No No Less Likely Less Likely Important 8.7 7.6
Hyper-V Remote Code Execution Vulnerability
CVE-2020-17095 No No Less Likely Less Likely Critical 8.5 7.4
Kerberos Security Feature Bypass Vulnerability
CVE-2020-16996 No No Less Likely Less Likely Important 6.5 5.7
Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
CVE-2020-17152 No No More Likely More Likely Critical 8.8 7.7
CVE-2020-17158 No No More Likely More Likely Critical 8.8 7.7
Microsoft Dynamics Business Central/NAV Information Disclosure
CVE-2020-17133 No No Less Likely Less Likely Important 6.5 5.7
Microsoft Edge for Android Spoofing Vulnerability
CVE-2020-17153 No No Less Likely Less Likely Moderate 4.3 3.9
Microsoft Excel Information Disclosure Vulnerability
CVE-2020-17126 No No Less Likely Less Likely Important 5.5 4.8
Microsoft Excel Remote Code Execution Vulnerability
CVE-2020-17122 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-17123 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-17125 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-17127 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-17128 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-17129 No No Less Likely Less Likely Important 7.8 6.8
Microsoft Excel Security Feature Bypass Vulnerability
CVE-2020-17130 No No Less Likely Less Likely Important 6.5 5.7
Microsoft Exchange Information Disclosure Vulnerability
CVE-2020-17143 No No Less Likely Less Likely Important 8.8 7.9
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2020-17117 No No Less Likely Less Likely Critical 6.6 5.9
CVE-2020-17132 No No Less Likely Less Likely Critical 8.4 7.6
CVE-2020-17141 No No Less Likely Less Likely Important 8.4 7.6
CVE-2020-17142 No No Less Likely Less Likely Critical 8.4 7.6
CVE-2020-17144 No No More Likely More Likely Important 8.4 7.6
Microsoft Guidance for Addressing Spoofing Vulnerability in DNS Resolver
ADV200013 No No Less Likely Less Likely Important
Microsoft Outlook Information Disclosure Vulnerability
CVE-2020-17119 No No Less Likely Less Likely Important 6.5 5.9
Microsoft PowerPoint Remote Code Execution Vulnerability
CVE-2020-17124 No No Less Likely Less Likely Important 7.8 6.8
Microsoft SharePoint Elevation of Privilege Vulnerability
CVE-2020-17089 No No Less Likely Less Likely Important 7.1 6.4
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2020-17120 No No Less Likely Less Likely Important 5.3 4.6
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2020-17118 No No More Likely More Likely Critical 8.1 7.3
CVE-2020-17121 No No More Likely More Likely Critical 8.8 7.7
Microsoft SharePoint Spoofing Vulnerability
CVE-2020-17115 No No Less Likely Less Likely Moderate 8.0 7.0
Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability
CVE-2020-17159 No No Less Likely Less Likely Important 7.8 6.8
Visual Studio Code Remote Code Execution Vulnerability
CVE-2020-17150 No No Less Likely Less Likely Important 7.8 6.8
Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability
CVE-2020-17148 No No Less Likely Less Likely Important 7.8 6.8
Visual Studio Remote Code Execution Vulnerability
CVE-2020-17156 No No Less Likely Less Likely Important 7.8 6.8
Windows Backup Engine Elevation of Privilege Vulnerability
CVE-2020-16958 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-16959 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-16960 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-16961 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-16962 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-16963 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-16964 No No Less Likely Less Likely Important 7.8 6.8
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2020-17103 No No Less Likely Less Likely Important 7.0 6.1
CVE-2020-17134 No No Less Likely Less Likely Important 7.8 6.8
CVE-2020-17136 No No Less Likely Less Likely Important 7.8 6.8
Windows Digital Media Receiver Elevation of Privilege Vulnerability
CVE-2020-17097 No No Less Likely Less Likely Important 3.3 2.9
Windows Error Reporting Information Disclosure Vulnerability
CVE-2020-17094 No No Less Likely Less Likely Important 5.5 4.8
CVE-2020-17138 No No Less Likely Less Likely Important 5.5 4.8
Windows GDI+ Information Disclosure Vulnerability
CVE-2020-17098 No No Less Likely Less Likely Important 5.5 4.8
Windows Lock Screen Security Feature Bypass Vulnerability
CVE-2020-17099 No No Less Likely Less Likely Important 6.8 5.9
Windows NTFS Remote Code Execution Vulnerability
CVE-2020-17096 No No More Likely More Likely Important 7.5 6.5
Windows Network Connections Service Elevation of Privilege Vulnerability
CVE-2020-17092 No No Less Likely Less Likely Important 7.8 6.8
Windows Overlay Filter Security Feature Bypass Vulnerability
CVE-2020-17139 No No Less Likely Less Likely Important 7.8 6.8
Windows SMB Information Disclosure Vulnerability
CVE-2020-17140 No No Less Likely Less Likely Important 8.1 7.1