Latest News
Microsoft fixes 129 flaws, 23 critical, in massive Patch Tuesday
Microsoft has released patches for 129 new software vulnerabilities in its September Patch Tuesday update. These included 23 critical flaws impacting multiple platforms, including the Windows Graphic Device Interfaces (GDI), Microsoft SharePoint and Microsoft Exchange Server, 105 that are important in severity and one moderate bug. Fortunately, Microsoft said that there were no public disclosures or exploited CVEs this month.
The most severe issue in the bunch is CVE-2020-16875, which according to researchers is a memory-corruption problem in Microsoft Exchange that could allow remote code execution if an attacker sends a specially crafted email to the affected Exchange Server. Running arbitrary code could then grant attackers the access they need to create new accounts, access, modify or remove data, and install programs.
