In June 2020 Microsoft’s Patch Tuesday fixes a record 129 defects and vulnerabilities in its software – with a further 19 patches in the June Microsoft Office patch bundle.
This continues a recent trend of ever-increasing numbers of patches included in the monthly updates from Microsoft (the two previous highest number of patches were in March and April 2020 – both over 100 patches each).
What is included in June 2020 Patch Tuesday Security Updates?
The 129 patches include 11 which are rated as Critical and 109 Important. Three of the critical updates are remote code execution vulnerabilities in the Edge browser and VBScript engine (CVE-2020-1219, CVE-2020-1216, CVE-2020-1216) that require only a user to visit a specially crafted malicious website in order to exploit the vulnerabilities.
Microsoft also issued a special security advisory that draws attention to a critical remote execution vulnerability in Adobe Flash that can be used to attack all support versions of desktop and server side Windows systems.
June 2020 Updates for Microsoft Office
Nine Remote Code Execution vulnerabilities have been patched that affect older version of the Office software (including Excel 2010, 2013 and 2016 version, and Sharepoint server software). Full details are available in the release notes from Microsoft.