Úterý 14.1. 2020 se stalo pro mnohé uživatele dnem, který bude znamenat velké potíže s bezpečností. Vyšly poslední aktualizace Windows 7 pokud nemáte placenu speciální podporu bude s přibývajícím časem systém čím dál snadněji napadnutelný a déle neždobu nutnou k přechodu na Windows 10 se rozhodně nedá doporučit Windows 7 v produkčním prostředí provozovat.

To že bylo jinak aktualizováno a zabezpečeno více než 4 desítky nových zranitelností v Microsoft technologiích jen dokresluje jak důležité aktualizace jsou.
Vzhledem k důležitosti a nyní hojně napadanému RDp obzvláště doporučujeme aktualizovat RD gateway servery.

Microsoft Security Updates

.NET Framework

1.NET FrameworkCVE-2020-0606.NET Framework Remote Code Execution Vulnerability
2.NET FrameworkCVE-2020-0605.NET Framework Remote Code Execution Vulnerability
3.NET FrameworkCVE-2020-0646.NET Framework Remote Code Execution Injection Vulnerability

Windows RDP

1Windows RDPCVE-2020-0609Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability
2Windows RDPCVE-2020-0637Remote Desktop Web Access Information Disclosure Vulnerability
3Windows RDPCVE-2020-0612Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability
4Windows RDPCVE-2020-0611Remote Desktop Client Remote Code Execution Vulnerability
5Windows RDPCVE-2020-0610Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability

Microsoft Windows

1Microsoft WindowsCVE-2020-0644Windows Elevation of Privilege Vulnerability
2Microsoft WindowsCVE-2020-0624Win32k Elevation of Privilege Vulnerability
3Microsoft WindowsCVE-2020-0635Windows Elevation of Privilege Vulnerability
4Microsoft WindowsCVE-2020-0620Microsoft Cryptographic Services Elevation of Privilege Vulnerability
5Microsoft WindowsCVE-2020-0616Microsoft Windows Denial of Service Vulnerability
6Microsoft WindowsCVE-2020-0608Win32k Information Disclosure Vulnerability
7Microsoft WindowsCVE-2020-0601Windows CryptoAPI Spoofing Vulnerability
8Microsoft WindowsCVE-2020-0621Windows Security Feature Bypass Vulnerability

Microsoft Windows Search Component

1Microsoft Windows Search ComponentCVE-2020-0633Windows Search Indexer Elevation of Privilege Vulnerability
2Microsoft Windows Search ComponentCVE-2020-0623Windows Search Indexer Elevation of Privilege Vulnerability
3Microsoft Windows Search ComponentCVE-2020-0613Windows Search Indexer Elevation of Privilege Vulnerability
4Microsoft Windows Search ComponentCVE-2020-0614Windows Search Indexer Elevation of Privilege Vulnerability
5Microsoft Windows Search ComponentCVE-2020-0632Windows Search Indexer Elevation of Privilege Vulnerability
6Microsoft Windows Search ComponentCVE-2020-0627Windows Search Indexer Elevation of Privilege Vulnerability
7Microsoft Windows Search ComponentCVE-2020-0628Windows Search Indexer Elevation of Privilege Vulnerability
8Microsoft Windows Search ComponentCVE-2020-0625Windows Search Indexer Elevation of Privilege Vulnerability
9Microsoft Windows Search ComponentCVE-2020-0626Windows Search Indexer Elevation of Privilege Vulnerability
10Microsoft Windows Search ComponentCVE-2020-0629Windows Search Indexer Elevation of Privilege Vulnerability
11Microsoft Windows Search ComponentCVE-2020-0631Windows Search Indexer Elevation of Privilege Vulnerability
12Microsoft Windows Search ComponentCVE-2020-0630Windows Search Indexer Elevation of Privilege Vulnerability

Microsoft Office

1Microsoft OfficeCVE-2020-0650Microsoft Excel Remote Code Execution Vulnerability
2Microsoft OfficeCVE-2020-0652Microsoft Office Memory Corruption Vulnerability
3Microsoft OfficeCVE-2020-0653Microsoft Excel Remote Code Execution Vulnerability
4Microsoft OfficeCVE-2020-0651Microsoft Excel Remote Code Execution Vulnerability
5Microsoft OfficeCVE-2020-0647Microsoft Office Online Spoofing Vulnerability

Other software products

1AppsCVE-2020-0654Microsoft OneDrive for Android Security Feature Bypass Vulnerability
2ASP.NETCVE-2020-0603ASP.NET Core Remote Code Execution Vulnerability
3ASP.NETCVE-2020-0602ASP.NET Core Denial of Service Vulnerability
4Common Log File System DriverCVE-2020-0615Windows Common Log File System Driver Information Disclosure Vulnerability
5Common Log File System DriverCVE-2020-0634Windows Common Log File System Driver Elevation of Privilege Vulnerability
6Common Log File System DriverCVE-2020-0639Windows Common Log File System Driver Information Disclosure Vulnerability
7Microsoft DynamicsCVE-2020-0656Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
8Windows Hyper-VCVE-2020-0617Hyper-V Denial of Service Vulnerability
9Windows MediaCVE-2020-0641Microsoft Windows Elevation of Privilege Vulnerability
10Windows Subsystem for LinuxCVE-2020-0636Windows Subsystem for Linux Elevation of Privilege Vulnerability
11Windows Update StackCVE-2020-0638 Update Notification Manager Elevation of Privilege
Velké úterý v bezpečnosti

Napsat komentář