Tripwire’s February 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe.
Up first on the patch priority list this month are patches for Microsoft Edge and Scripting Engine. These patches resolve information disclosure, elevation of privilege, and memory corruption vulnerabilities.
Next on the list are patches for Adobe Flash player (APSB20-06), Adobe Acrobat (APSB20-05), and Adobe Reader (APSB20-05). These patches resolve information disclosure, arbitrary code execution, memory leak, and arbitrary file system write vulnerabilities.
Next on the list are patches for Microsoft Excel and Outlook. These patches resolve one remote code execution and one security feature bypass vulnerabilities.
Next, this month are patches that affect components of the Windows operating systems. These patches resolve more than 80 vulnerabilities, including denial of service, elevation of privilege, information disclosure, remote code execution, and security feature bypass. These vulnerabilities affect Connected Devices Platform Service, Connected User Experiences and Telemetry Service, DirectX, Backup Service, Client License Service, Data Sharing Service, Error Reporting, Function Discovery Service, Key Isolation Service, Search Indexer, Graphics Component, Windows Kernel, Windows Installer, COM, NDIS, Secure Boot, Hyper-V, RDP, and RDP Client.
Lastly this month, administrators should focus on server-side patches available for Microsoft Office Online Server, SharePoint, SQL Server, and Exchange.
CVE-2020-0767, CVE-2020-0713, CVE-2020-0712, CVE-2020-0711, CVE-2020-0710, CVE-2020-0674, CVE-2020-0673
CVE-2020-3744, CVE-2020-3747, CVE-2020-3755, CVE-2020-3742, CVE-2020-3752, CVE-2020-3754, CVE-2020-3743, CVE-2020-3745, CVE-2020-3746, CVE-2020-3748, CVE-2020-3749, CVE-2020-3750, CVE-2020-3751, CVE-2020-3753, CVE-2020-3756, CVE-2020-3762, CVE-2020-3763
CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0727, CVE-2020-0732, CVE-2020-0681, CVE-2020-0703, CVE-2020-0685, CVE-2020-0701, CVE-2020-0657, CVE-2020-0658, CVE-2020-0747, CVE-2020-0659, CVE-2020-0818, CVE-2020-0739, CVE-2020-0737, CVE-2020-0753, CVE-2020-0754, CVE-2020-0678, CVE-2020-0679, CVE-2020-0680, CVE-2020-0682, CVE-2020-0698, CVE-2020-0669, CVE-2020-0668, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672, CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0756, CVE-2020-0755, CVE-2020-0748, CVE-2020-0757, CVE-2020-0667, CVE-2020-0666, CVE-2020-0704, CVE-2020-0733, CVE-2020-0738, CVE-2020-0729, CVE-2020-0655, CVE-2020-0702
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Lane Thames. Read the original post at: https://www.tripwire.com/state-of-security/vert/vert-news/tripwire-patch-priority-index-february-2020/