- The Apple Watch Ultra 2 just dropped to its lowest price yet for Black Friday
- The best Black Friday 2024 Kindle deals: Shop sales available now
- The 25+ best smartwatch and fitness tracker deals for Black Friday 2024: Deals are live
- I've tested dozens of power banks. This one is in a class of its own and you can get it for $85
- 인텔이 치러야 할 미 정부 79억 달러 보조금의 대가 ‘지분 매각 제한’
Tripwire Patch Priority Index for December 2020 VERT
Tripwire‘s December 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Pulse Secure, and Oracle.
First on the patch priority list this month are two vulnerabilities that have recently been included within the Metasploit exploit framework. One is a vulnerability in Pulse Secure Desktop Client and the other is a vulnerability that impacts Oracle Solaris versions 10 and 11.
Up next on the patch priority list this month are patches for Microsoft Edge, Excel, Outlook, and PowerPoint. These patches resolve 11 vulnerabilities that exist due to issues such as memory corruption, information disclosure, security feature bypass, and remote code execution vulnerabilities.
Next are patches that affect components of the Windows operating systems. They resolve over 20 vulnerabilities, including elevation of privilege, information disclosure, remote code execution, and memory corruption vulnerabilities. These vulnerabilities affect core Windows, GDI, Kerberos, Error Reporting, Hyper-V, DirectX, Backup Engine, Cloud Files Mini Filter Driver, and others.
Finally, administrators should focus on server-side patches for Microsoft, which resolve issues in Microsoft Dynamics, Microsoft Exchange, and Microsoft SharePoint. These patches resolve several issues, including cross-site scripting, information disclosure, spoofing, and remote code execution vulnerabilities.
| BULLETIN | CVE |
| Exploit Framework: Metasploit | CVE-2020-8956, CVE-2020-14871 |
| Microsoft Edge | CVE-2020-17131 |
| Microsoft Office | CVE-2020-17126, CVE-2020-17128, CVE-2020-17123, CVE-2020-17127, CVE-2020-17125, CVE-2020-17122, CVE-2020-17129, CVE-2020-17130, CVE-2020-17119, CVE-2020-17124 |
| Microsoft Windows | CVE-2020-16996, CVE-2020-17103, CVE-2020-17134, CVE-2020-17136, CVE-2020-17138, CVE-2020-17092, CVE-2020-17139, CVE-2020-17095, CVE-2020-17094, CVE-2020-17137, CVE-2020-17098, CVE-2020-17099, CVE-2020-17097, CVE-2020-16964, CVE-2020-16961, CVE-2020-16960, CVE-2020-16962, CVE-2020-16963, CVE-2020-16959, CVE-2020-16958, CVE-2020-17096, CVE-2020-17140 |
| Microsoft Exchange Server | CVE-2020-17143, CVE-2020-17141, CVE-2020-17142, CVE-2020-17132, CVE-2020-17117 |
| Microsoft Dynamics | CVE-2020-17147, CVE-2020-17133 |
| Microsoft Office SharePoint | CVE-2020-17089, CVE-2020-17120, CVE-2020-17121, CVE-2020-17118, CVE-2020-17115 |
