Microsoft Delivers Essential Updates in Last Patch Tuesday of 2020

Patch Tuesday provides the usual critical security updates for Microsoft products.

The last Microsoft patch on Tuesday in 2020 was full of security patches and updated bugs that affected most Microsoft products.

Microsoft Key Logo function

While the December 2020 patch Tuesday may not have been the biggest of the year, it contained nine key fixes for a total of 58 bug fixes for users.

What's in Microsoft's December 2020 Patch Tuesday?

Patch Tuesday refers to the first Tuesday of every month on which Microsoft and other major technology companies release their security patches for that month. The security patches range from critical security holes to more fundamental problems.

The last patch from Microsoft on Tuesday in 2020 contained the second smallest security holes of the entire year. However, it also contained nine critical vulnerabilities that must be addressed immediately.

The Patch Tuesday errors include fixes for Windows 10, Microsoft Edge, Microsoft Office, Exchange Server, and various Microsoft Azure products.

Of the nine critical errors, all bars are remote code execution vulnerabilities affecting Microsoft Dynamics 365, Microsoft Exchange, and Microsoft SharePoint. The final fix addresses a critical memory corruption vulnerability with the Chakra Scripting Engine.

Related Topics: How to Protect Yourself from a Zero-Day Exploit

Zero-day exploit

5 ways to protect yourself from a zero-day exploit

Zero-day exploits, software vulnerabilities that are exploited by hackers before a patch becomes available, pose a real threat to your data and your privacy. This is how you can keep hackers at bay.

Patches with a remote code execution vulnerability are incredibly important to get installed as soon as possible. Remote code execution could allow an attacker to remotely access and modify a computer.

Because many of the Microsoft products that are affected by these issues are enterprise-grade, it is important to resolve the vulnerabilities. However, there is no indication that any of these critical vulnerabilities are actively being exploited in the wild at the time of writing.

There's a surprising lack of browser-related security patches. Dustin Childs of the Zero Day Initiative, an organization that looks for zero-day vulnerabilities, writes:

If viewed critically at the remaining updates, only one (surprisingly) will affect the browser. This patch fixes a bug in the JIT compiler. By taking actions in JavaScript, an attacker could trigger a memory corruption condition that leads to code execution. The lack of browser updates could also be a conscious decision by Microsoft to ensure that a buggy patch for a browser doesn't disrupt online shopping during the holiday season.

What about non-critical security patches?

Microsoft has released 46 fixes that were rated as important in addition to the fixes for critical vulnerabilities, with three fixes rated as moderate.

The major fixes include various vulnerabilities in Microsoft Office programs, including remote code execution vulnerabilities for Excel, PowerPoint, and Outlook. Other Microsoft products that are receiving critical security patches are SharePoint, Microsoft Exchange, Dynamics CRM, Visual Code Studio, Windows Error Reports, and various Azure products.

Related topics: What's New in the Latest Windows 10 Cumulative Update?

When is the next patch Tuesday?

December Patch Tuesday is always easier than other months of the year. Microsoft is giving a small respite from the considerable number of security patches that must be installed each month.

However, if security patches become available for your Microsoft product, you should install them as soon as possible.

Microsoft released over 1,200 patches in 2020, significantly more than the 840 in 2019. And in case you're wondering, the first patch Tuesday in 2021 will be released on January 12th.

The Windows Updates screen in Windows 10

The Microsoft patch for August 2020 fixes 120 security exploits

The August 2020 patch for Windows 10 fixes 120 security vulnerabilities, two of which are known to hackers.

About the author

Gavin Phillips
(627 articles published)

Gavin is the junior editor for Windows and Technology Explained, contributing regularly to the Really Useful Podcast, and was the editor for MakeUseOf's crypto-focused sister site Blocks Decoded. He has a BA (Hons) in Contemporary Writing with Digital Art Practices Looted from the Devon Hills and over a decade of writing experience. He enjoys plenty of tea, board games, and soccer.

More from Gavin Phillips

Subscribe to our newsletter

Subscribe to our newsletter for tech tips, reviews, free e-books, and exclusive deals!

One more step …!

Please confirm your email address in the email we just sent you.

. "border =" 0

Leave a Reply

Your email address will not be published. Required fields are marked *