Tripwire’s March 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe.

Up first on the patch priority list this month are patches for Microsoft Browsers and Scripting Engine. These patches resolve information disclosure, remote code execution, and memory corruption vulnerabilities.

Next on the list are patches for Microsoft Word, which resolve 3 remote code execution vulnerabilities.

Next on the list are patches for Adobe Acrobat and Adobe Reader (APSB20-13). These patches resolve information disclosure, arbitrary code execution, and arbitrary privilege escalation vulnerabilities.

Next this month are patches that affect components of the Windows operating systems. These patches resolve more than 70 vulnerabilities, including denial of service, elevation of privilege, information disclosure, remote code execution, and memory corruption.

These vulnerabilities affect Connected User Experiences and Telemetry Service, Diagnostic Hub, LNK, Media Foundation, Provisioning Runtime, Kernel, CSC Service, ActiveX Error Reporting, GDI, Network Connections Service, Installer, Network Driver Interface Specification (NDIS), Search Indexer, UpNp Service, Work Folder Service, DirectX, ALPC, Defender Security Center, Update Orchestrator, and SMBv3.

Lastly this month, administrators should focus on server-side patches available for Microsoft IIS, Dynamics, Exchange, and SharePoint.

Microsoft Scripting Engine
CVE-2020-0811, CVE-2020-0812, CVE-2020-0813, CVE-2020-0829, CVE-2020-0828, CVE-2020-0823, CVE-2020-0825, CVE-2020-0830, CVE-2020-0827, CVE-2020-0826, CVE-2020-0832, CVE-2020-0833, CVE-2020-0831, CVE-2020-0848, CVE-2020-0847
Microsoft Browsers
CVE-2020-0824, CVE-2020-0816, CVE-2020-0768
Microsoft Office
CVE-2020-0850, CVE-2020-0852, CVE-2020-0892
APSB20-13: Adobe Reader and Acrobat
CVE-2020-3804, CVE-2020-3806, CVE-2020-3795, CVE-2020-3799, CVE-2020-3792, CVE-2020-3793, CVE-2020-3801, CVE-2020-3802, CVE-2020-3805, CVE-2020-3800, CVE-2020-3807, CVE-2020-3797, CVE-2020-3803
Microsoft Windows I
CVE-2020-0844, CVE-2020-0863, CVE-2020-0810, CVE-2020-0793, CVE-2020-0684, CVE-2020-0820, CVE-2020-0807, CVE-2020-0801, CVE-2020-0809, CVE-2020-0869, CVE-2020-0808, CVE-2020-0876, CVE-2020-0860, CVE-2020-0787, CVE-2020-0771, CVE-2020-0769, CVE-2020-0819, CVE-2020-0858, CVE-2020-0776, CVE-2020-0772, CVE-2020-0806, CVE-2020-0775, CVE-2020-0874, CVE-2020-0879, CVE-2020-0896, CVE-2020-0841, CVE-2020-0840, CVE-2020-0849, CVE-2020-0779, CVE-2020-0843, CVE-2020-0842, CVE-2020-0778, CVE-2020-0804
Microsoft Windows II
CVE-2020-0803, CVE-2020-0802, CVE-2020-0845, CVE-2020-0871, CVE-2020-0861, CVE-2020-0861, CVE-2020-0780, CVE-2020-0857, CVE-2020-0786, CVE-2020-0781, CVE-2020-0783, CVE-2020-0785, CVE-2020-0777, CVE-2020-0800, CVE-2020-0897, CVE-2020-0865, CVE-2020-0864, CVE-2020-0866, CVE-2020-0797, CVE-2020-0854, CVE-2020-0834, CVE-2020-0799, CVE-2020-0690, CVE-2020-0883, CVE-2020-0881, CVE-2020-0788, CVE-2020-0887, (Read more...)