Microsoft Updates
2473Warning Date
Severity Level
Warning Number
Target Sector
9 December, 2020
● High
2020-2170
All
Description:
Microsoft has released a security updates to address several vulnerabilities in the following products:
- Microsoft Windows
- Microsoft Windows DNS
- Azure DevOps
- Azure SDK
- Microsoft Dynamics
- Microsoft Edge (EdgeHTML-based)
- Microsoft Edge for Android
- Microsoft Exchange Server
- Microsoft Graphics Component
- Microsoft Office and Microsoft Office Services and Web Apps
- Microsoft Office SharePoint
- Visual Studio
- Windows Backup Engine
- Windows Error Reporting
- Windows Hyper-V
- Windows Media
- Windows SMB
- ChakraCore
Threats:
An attacker could exploit these vulnerabilities by doing the following:
- Spoofing
- Security feature bypass
- Cross-site scripting (XSS)
- Execute arbitrary code - remotely
- Memory corruption
- Elevation of Privilege
- Unauthorized disclosure of information
Best practice and Recommendations:
The CERT team encourages users to review Microsoft security advisory and apply the necessary updates:
Update Instructions: