As IT administrators do their best to cope with business continuity plans, it’s imperative to understand and manage patch updates. With cybersecurity threats on the rise thanks to the pandemic making its rounds, understanding the Patch Tuesday releases and finding ways to deploy them to remote endpoints efficiently is essential. Microsoft has released fixes for a total of 111 vulnerabilities, among which 13 are classified as Critical, and 91 as Important. Also, it’s been reported that there are no zero-day or unpatched vulnerabilities this month.
A lineup of the significant updates released
Microsoft security updates have been released for:
- Microsoft Windows
- Microsoft Edge (EdgeHTML-based)
- Microsoft Edge (Chromium-based)
- Internet Explorer
- Microsoft Office and Microsoft Office services and Web Apps
- Windows Defender
- Visual Studio
- Microsoft Dynamics
- .NET Framework
- .NET Core
- Power BI
Three Critical vulnerabilities in Microsoft Edge that could potentially allow remote code execution have been fixed this Patch Tuesday.
Also, another potential remote code execution vulnerability in the Microsoft Color Management Module (ICM32.dll) has been fixed.
Shedding some light on this month’s highlights
Vulnerabilities in the Windows graphic components
A total of 10 critical vulnerabilities in the core Windows graphic components that could lead to local elevation of privilege attacks have been fixed. However, in order to exploit these vulnerabilities, one must get their hands on the access to execute codes in the Windows graphical session.
Listed below are the vulnerabilities:
Fixes for the memory corruption vulnerabilities in web browser components
Vulnerabilities in other Windows services
Microsoft has released patch fixes for vulnerabilities in Windows services like Connected User Experiences and Telemetry, Background Intelligent Transfer Service (BITS), Push Notification Services, and Print and Document Services, among others. Find the list of CVE IDs below:
Other notable mentions
- Coinciding with this month’s Patch Tuesday, Adobe has fixed 36 vulnerabilities, including 16 critical flaws in Acrobat, Reader, and its DNG Software Development Kit.
- The servicing stack advisory has been updated for this Patch Tuesday. Read the advisory document to install the latest servicing stack updates available.
Sign up for ManageEngine’s free webinar on Patch Tuesday updates to get a complete break down of the security, non-security, and other third-party updates released for this Patch Tuesday.
Keep reading for a few best practices that are ideal in a remote patch management scenario:
Prioritize security updates over non-security and optional updates.
Directly download patches to endpoints, rather than downloading them in your server and distributing them to remote locations.
Schedule automation tasks specifically for deploying critical patches for timely updates.
Plan to set broad deployment windows so that critical updates are not missed due to unavoidable hindrances.
Allow end users to be able to skip deployments to avoid a disturbance in productivity.
Ensure the machines under your scope do not run any end-of-life OS or applications.
- Always test the patch updates before deploying them to the endpoints.
Ensure you use a secure gateway server to establish a safe connection between your remote endpoints.
Get an idea on how you can implement these best practices with ease using Patch Manager Plus or Desktop Central. Register for our free Patch Tuesday webinar, and observe the-real time execution of these practices. Also, get insights on trending cybersecurity incidents, and clarify all your questions with our product specialists.
Happy patching and stay safe!