Microsoft started rolling out the May 2020 Patch Tuesday security updates. This month’s Patch Tuesday is the third-largest in Microsoft’s history after the company patched 115 bugs in March 2020 and 113 bugs in April 2020.
This month, the company patched 111 vulnerabilities in 12 different products, including Microsoft Edge, Windows, Visual Studio, as well as the .NET Framework. Of the 111 vulnerabilities, Microsoft identifies 13 as ‘Critical’, 91 as ‘Important’, three vulnerabilities are ‘Moderate’ and four have a ‘Low’ priority. Of the 13 critical vulnerabilities, three have been found in Edge.
In the previous two months, Microsoft patched actively exploited zero-day vulnerabilities, but these bugs are not on this month’s list. This gives system administrators enough time to test this Patch Tuesday for bugs or other issues before applying the updates to all their systems.
The most dangerous bugs patched this month are:
- CVE-2020-1023, CVE-2020-1024, and CVE-2020-1102 – Microsoft SharePoint Remote Code Execution Vulnerability
- CVE-2020-1067 – Windows OS Remote Code Execution Vulnerability
- CVE-2020-1064 – MSHTML Engine Remote Code Execution Vulnerability
- CVE-2020-1096 – Microsoft Edge PDF Remote Code Execution Vulnerability
- CVE-2020-1051, CVE-2020-1174, CVE-2020-1175, and CVE-2020-1176 – Jet Database Engine Remote Code Execution Vulnerability