December 2020 Patch Tuesday fixes 58 vulnerabilities

As IT administrators do their best to cope with business continuity plans, it’s imperative that they understand and manage patch updates. With cybersecurity threats on the rise thanks to the pandemic, getting a better understanding of the Patch Tuesday releases and finding ways to deploy them to remote endpoints efficiently is essential. Microsoft has released fixes for a total of 58 vulnerabilities, which is the least of all the whopping Patch Tuesday numbers we’ve seen this year. Among these vulnerabilities, nine are classified as Critical and 48 as Important. There are no zero-day or unpatched vulnerabilities this month.

 A lineup of significant updates

 Microsoft security updates have been released for:

•  Microsoft Dynamic.
•  Microsoft Exchange Server.
•  Microsoft Edge (EdgeHTML-based).
•  Microsoft Office SharePoint.
•  Windows Hyper-V.

Noteworthy updates

 Here are three Critical vulnerabilities that are especially noteworthy:

• CVE-2020-17095 – Hyper-V Remote Code Execution Vulnerability: Allows malicious programs to execute arbitrary code on host Hyper-V VMs

• CVE-2020-17096 – Windows NTFS Remote Code Execution Vulnerability: Allows attackers to gain elevated privileges and execute arbitrary commands both locally and remotely

• CVE-2020-17099 – Windows Lock Screen Security Feature Bypass Vulnerability: Allows command execution from a locked Windows device

 Shedding some light on this month’s highlights

A total of nine Critical vulnerabilities have been reported this Patch Tuesday; those are listed below. 

 Third-party updates released this month

Coinciding with this month’s Patch Tuesday, Google and Apple have released their own security updates for Android and iOS respectively. We also have notable security updates from SAP, D-Link, Cisco, QNAP, and VMware. 

Sign up for our free webinar on Patch Tuesday updates to get a complete breakdown of the security, non-security, and third-party updates released this Patch Tuesday. 

Keep reading for a few best practices that are ideal in a remote patch management scenario.

• Prioritize security updates over non-security and optional updates.

• Download patches directly to endpoints rather than saving them on your server and distributing them to remote locations.

• Schedule automation tasks specifically for deploying critical patches for timely updates.

• Plan to set broad deployment windows so critical updates aren’t missed due to unavoidable hindrances.

• Allow end users to skip deployments to avoid disturbing their productivity.

• Ensure the machines under your scope aren’t running any end-of-life OSs or applications.

• Ensure you use a secure gateway server to establish a safe connection between your remote endpoints.

Want to see how you can implement these best practices with ease using Patch Manager Plus or Desktop Central? Register for our free Patch Tuesday webinar, and watch our experts carry out these practices in real time. You’ll also get insights on trending cybersecurity incidents, and our product specialists will be available to clarify any questions you might have.

Happy patching!