VERT Threat Alert: May 2020 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s May 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-884 on Wednesday, May 13th.
In-The-Wild & Disclosed CVEs
None of the vulnerabilities resolved this month have been publicly disclosed or exploited according to Microsoft.
CVE Breakdown by Tag
While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.
Tag | CVE Count | CVEs |
Windows Update Stack | 2 | CVE-2020-1110, CVE-2020-1109 |
Windows Hyper-V | 1 | CVE-2020-0909 |
Power BI | 1 | CVE-2020-1173 |
Windows Subsystem for Linux | 1 | CVE-2020-1075 |
Active Directory | 1 | CVE-2020-1055 |
Windows Scripting | 1 | CVE-2020-1061 |
Microsoft Windows | 55 | CVE-2020-1021, CVE-2020-1028, CVE-2020-1010, CVE-2020-1048, CVE-2020-1071, CVE-2020-1076, CVE-2020-1078, CVE-2020-1084, CVE-2020-1116, CVE-2020-1118, CVE-2020-1124, CVE-2020-1126, CVE-2020-1134, CVE-2020-1137, CVE-2020-1138, CVE-2020-1143, CVE-2020-1144, CVE-2020-1149, CVE-2020-1150, CVE-2020-1151, CVE-2020-1155, CVE-2020-1156, CVE-2020-1157, CVE-2020-1158, CVE-2020-1186, CVE-2020-1189, CVE-2020-1190, CVE-2020-1067, CVE-2020-1068, CVE-2020-1070, CVE-2020-1072, CVE-2020-1077, CVE-2020-1079, CVE-2020-1081, CVE-2020-1082, CVE-2020-1086, CVE-2020-1088, CVE-2020-1090, CVE-2020-1111, CVE-2020-1112, CVE-2020-1121, CVE-2020-1123, CVE-2020-1125, CVE-2020-1131, CVE-2020-1132, CVE-2020-1136, CVE-2020-1139, CVE-2020-1164, CVE-2020-1165, CVE-2020-1166, CVE-2020-1184, CVE-2020-1185, CVE-2020-1187, CVE-2020-1188, CVE-2020-1191 |
Windows Task Scheduler | 1 | CVE-2020-1113 |
Microsoft Edge | 3 | CVE-2020-1059, CVE-2020-1096, CVE-2020-1056 |
Microsoft Graphics Component | 10 | CVE-2020-0963, CVE-2020-1054, CVE-2020-1135, CVE-2020-1140, CVE-2020-1179, CVE-2020-1117, CVE-2020-1141, CVE-2020-1142, CVE-2020-1145, CVE-2020-1153 |
.NET Framework | 1 | CVE-2020-1066 |
.NET Core | 2 | CVE-2020-1108, CVE-2020-1161 |
Windows Kernel | 2 | CVE-2020-1114, CVE-2020-1087 |
Visual Studio | 2 | CVE-2020-1192, CVE-2020-1171 |
Microsoft Dynamics | 1 | CVE-2020-1063 |
Common Log File System Driver | 1 | CVE-2020-1154 |
Internet Explorer | 4 | CVE-2020-1062, CVE-2020-1064, CVE-2020-1093, CVE-2020-1092 |
Microsoft JET Database Engine | 4 | CVE-2020-1175, CVE-2020-1051, CVE-2020-1174, CVE-2020-1176 |
Microsoft Office | 1 | CVE-2020-0901 |
Microsoft Scripting Engine | 5 | CVE-2020-1035, CVE-2020-1037, CVE-2020-1058, CVE-2020-1060, CVE-2020-1065 |
Microsoft Office SharePoint | 12 | CVE-2020-1023, CVE-2020-1024, CVE-2020-1099, CVE-2020-1101, CVE-2020-1107, CVE-2020-1069, CVE-2020-1100, CVE-2020-1102, CVE-2020-1103, CVE-2020-1104, CVE-2020-1105, CVE-2020-1106 |
Other Information
There were no additional advisories released today.
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Tyler Reguly. Read the original post at: https://www.tripwire.com/state-of-security/vert/vert-threat-alert-may-2020-patch-tuesday-analysis/
