June 2020's Microsoft Patch Tuesday gives us a whopping 129 CVEs patched (excluding Adobe Flash which addresses CVE-2020-9633 -- a high severity remote code execution vulnerability). While the consistently high volume of vulnerabilities being addressed each month is alarming at times, there is a sense of peace in the steps Microsoft is taking on closing vulnerabilities fast and effectively through the virtues of cumulative patching on Windows 10-based operating systems (both Server and Client) and Monthly Rollup (or Security-Only) bundles of previous operating systems.
This month, a substantial number of vulnerabilities were held within the core components of Windows itself (including the Kernel) covering 54 of the 129 vulnerabilities. Particularly noteworthy are two Windows Media-related vulnerabilities (CVE-2020-1238, CVE-2020-1239) which I would almost bundle with "browser vulnerabilities" as its likely vector is a malicious webpage.
Continuing on the browser vulnerabilities front, we continue to emphasize the importance of good security practices and hygiene in not clicking (or installing) random links (applications). 5 of the 11 Critical RCEs noted this month (CVE-2020-1213, CVE-2020-1216, CVE-2020-1219, CVE-2020-1073, CVE-2020-1260) are browser based an ..
Support the originator by clicking the read the rest link below.
