중요한 RCE 버그로 가득 찬 화요일 Microsoft의 패치

newsroom 9/10 '20 posted 뉴스 IT

• 시스템 관리자는 위에 나열된 각 RCE 취약성으로 인한 위협을 검토한 다음 이번 달의 보안 업데이트를 즉시 적용해야하는지 아니면 추가 테스트를 위해 연기해야하는지 결정하는 것이 좋습니다.

• "취약점 악용에 성공한 인증된 공격자는 로컬 시스템 계정의 컨텍스트에서 임의의 코드를 실행할 수 있습니다."라고 Microsoft는 설명합니다.

• Microsoft는 9 월 패치 화요일 업데이트에서 129 개의 보안 버그에 대한 패치를 발표했습니다.

• 패치는 Microsoft Windows, Edge (EdgeHTML 기반 및 Chromium 기반 모두), ChakraCore, IE (Internet Explorer), SQL Server, Office 및 Office Services 및 Web Apps, Microsoft Dynamics, Visual Studio, Exchange Server, ASP를 포함한 광범위한 제품용입니다.

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities [www.zdnet.com]

Microsoft addresses critical SharePoint and DNS-related flaws in Patch Tuesday update [portswigger.net]

Microsoft's Patch Tuesday Packed with Critical RCE Bugs [threatpost.com]

Microsoft issues 129 security fixes as part of Patch Tuesday September [www.techrepublic.com]

Microsoft Patch Tuesday, Sept. 2020 Edition [krebsonsecurity.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

9/10 '20 answered

It's another Paaaaatch Tuesday, with Microsoft fixing 129 vulnerabilities across 15 products. Total includes 20 critical remote execution bugs in Windows and SharePoint servers and more: https://t.co/hV4ZoVb6yb (by ZDNet's @campuscodi)
— Mary Jo Foley (@maryjofoley) September 8, 2020

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilitieshttps://t.co/DFA2mtZ9FT
— Sami Laiho (@samilaiho) September 9, 2020

The Microsoft September 2020 Patch Tuesday is out

This month we have:

-129 fixes
-32 for RCEs
-20 for "critical" RCEs, including in Windows and SharePointhttps://t.co/uZ9vfB3pMw pic.twitter.com/yfO6hEF3r6
— Catalin Cimpanu (@campuscodi) September 8, 2020

.@Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities
By @ZDNet https://t.co/dLFf3PmX7M #CyberSecurity #Microsoft #Tech #vulnerabilities
Cc: @mclynd @gvalan @baski_LA @CaseyCRL @DrJDrooghaag @fogle_shane @todddlyle @archonsec @PVynckier @CioAmaro @DivergentCIO pic.twitter.com/0KrB2fAkWj
— Fabrizio Bustamante (@Fabriziobustama) September 8, 2020

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities | ZDNet https://t.co/SAocVdodNq
— Steven M. Salter (@StevenMSalter) September 8, 2020

Microsoft September 2020 Patch Tuesday fixes 129 vulnerabilities https://t.co/ijaqP49pM4 by @campuscodi
— ZDNet (@ZDNet) September 8, 2020

#Security via @threatpost: Microsoft's Patch Tuesday Packed with Critical RCE Bugs https://t.co/SsgzpIqoky #cybersecurity @drjdrooghaag @fabriziobustama @robmay70 @IanLJones98 @NigelTozer @antgrasso @AkwyZ
— Bill Mew #DigitalEthics #TrustinTech #BLM (@BillMew) September 9, 2020

Microsoft's Patch Tuesday Packed with Critical RCE Bugs. The most concerning of the disclosed bugs would allow an attacker to take over Microsoft Exchange just by sending an email.#security #cybernews #cybersecurity #CyberSec #informationsecurity #infosec https://t.co/7oe25tZeKV
— DeadShpere (@iamTdivyesh) September 9, 2020

Microsoft’s Patch Tuesday Packed with Critical RCE Bugs: https://t.co/cvxokh68aE
— The Cyber Security Hub™ (@TheCyberSecHub) September 8, 2020

Microsoft Patch Tuesday, Sept. 2020 Edition https://t.co/Pl1hRTJslx pic.twitter.com/E9SnDCCt2z
— CSPF (@CyberSecurityPr) September 9, 2020

permanent link

Open Wiki - Feel free to edit it. -

9/10 '20 answered

This month's patch Tuesday includes patches for 15 Microsoft products, including 23 critical CVEs. Microsoft issues 129 security fixes as part of Patch Tuesday September... via @techrepublic #infosec #tech #WednesdayWisdom https://t.co/UBKmPS731M
— AJ Durling (@Gurgling_MrD) September 9, 2020

permanent link

Featured

Important Notice: Discontinuation of Our Wiki Service

Dear Valued Users,

We hope this message finds you well. We are writing to inform you of an important upcoming change to our services. After careful consideration and analysis, we have made the difficult decision to discontinue our wiki site, effective one month from 2024/04/30.

This was not an easy decision to make, as we understand the importance of the resources and community that have been built around our wiki. However, due to evolving market conditions and strategic realignments, we must redirect our resources and efforts towards other ventures that will allow us to serve you better in the future.

What This Means for You:

Access to Content: You will continue to have full access to all content on the wiki until the discontinuation date. We encourage you to save or migrate any content you wish to retain.
Final Date of Service: The wiki will become inaccessible starting 1st June 2024, after which all content will be permanently removed.

We are immensely grateful for the support and contributions of our user community throughout the years. The wiki is being retired, but our team will be back soon with new services and apps.

Thank you for being a part of our journey.

Warm regards,

editoy Inc.

Related

Featured