June 2020 Patch Bulletin
This is a huge month for MS patches with 129 unique vulnerabilities. 13 technologies are updated this month with 6 technologies rated critical and 7 rated important. The good news is that there were no updates that were disclosed or exploited.
For additional details, please find the information from Microsoft below:
| Technology | Products Affected | Severity | Reference | Workaround/Exploited/ Publicly Disclosed Vulnerability Info | |
|---|---|---|---|---|---|
| Windows | Windows 8.1, 8.1 RT, 10, Server 2012, 2012 R2, 2016, 2019 | Critical | CVE-2020-0915 CVE-2020-0916 CVE-2020-0986 CVE-2020-1120 CVE-2020-1160 CVE-2020-1162 CVE-2020-1194 CVE-2020-1196 CVE-2020-1197 CVE-2020-1199 CVE-2020-1201 CVE-2020-1202 CVE-2020-1203 CVE-2020-1204 CVE-2020-1206 CVE-2020-1207 CVE-2020-1208 CVE-2020-1209 CVE-2020-1211 CVE-2020-1212 CVE-2020-1217 CVE-2020-1222 CVE-2020-1231 CVE-2020-1232 CVE-2020-1233 CVE-2020-1234 CVE-2020-1235 CVE-2020-1236 CVE-2020-1237 CVE-2020-1238 CVE-2020-1239 CVE-2020-1241 CVE-2020-1244 CVE-2020-1246 CVE-2020-1247 CVE-2020-1248 CVE-2020-1251 CVE-2020-1253 CVE-2020-1254 CVE-2020-1255 CVE-2020-1257 CVE-2020-1258 CVE-2020-1259 CVE-2020-1261 CVE-2020-1262 CVE-2020-1263 CVE-2020-1264 CVE-2020-1265 CVE-2020-1266 CVE-2020-1268 CVE-2020-1269 CVE-2020-1270 CVE-2020-1271 CVE-2020-1272 CVE-2020-1273 CVE-2020-1274/a> CVE-2020-1275 CVE-2020-1276 CVE-2020-1277 CVE-2020-1278 CVE-2020-1279 CVE-2020-1280 CVE-2020-1281 CVE-2020-1282 CVE-2020-1283 CVE-2020-1284 CVE-2020-1286 CVE-2020-1287 CVE-2020-1290 CVE-2020-1291 CVE-2020-1292 CVE-2020-1293 CVE-2020-1294 CVE-2020-1296 CVE-2020-1299 CVE-2020-1300 CVE-2020-1301 CVE-2020-1302 CVE-2020-1304 CVE-2020-1305 CVE-2020-1306 CVE-2020-1307 CVE-2020-1309 CVE-2020-1310 CVE-2020-1311 CVE-2020-1312 CVE-2020-1313 CVE-2020-1314 CVE-2020-1316 CVE-2020-1317 CVE-2020-1324 CVE-2020-1334 CVE-2020-1348 | Workaround: No Public: No Exploited: No | Elevation of Privilege Remote Code Execution Spoofing Security Feature Bypass Denial of Service Information Disclosure |
| Edge HTML-based | Legacy | Critical | CVE-2020-1073 CVE-2020-1219 CVE-2020-1242 CVE-2020-1065 CVE-2020-1096 | Workaround: No Public: No Exploited: No | Spoofing Remote Code Execution Elevation of Privilege |
| Edge-Chromium | Enterprise | Important | CVE-2020-1195 CVE-2020-1220 | Workaround: No Public: No Exploited: No | Elevation of Privilege Spoofing |
| ChakraCore | All | Critical | CVE-2020-1073 CVE-2020-1219 | Workaround: No Exploited: No Public: No | Remote Code Execution |
| IE | 11 | Critical | CVE-2020-1213 CVE-2020-1214 CVE-2020-1215 CVE-2020-1216 CVE-2020-1219 CVE-2020-1230 CVE-2020-1260 CVE-2020-1315 | Workaround: No Exploited: No Public: No | Remote Code Execution Information Disclosure |
| Office, Office Services, Office Web Apps | 365 Apps for Enterprise Excel 2010, 2013, 2016, 2019, 2016 for Mac, 2019 for Mac SharePoint Enterprise Server 2013, 2016 SharePoint Foundation 2013 SharePoint Server 2020, 2019 Office 365 | 365 Apps for Enterprise Office 2010, 2013, 2016, 2016 for Mac, 2019, 2019 for Mac Project 2010, 2013, 2016 SharePoint Enterprise Server 2013, 2016 SharePoint Foundation 2010, 2013 SharePoint Server 2010, 2019 Office 365 | CVE-2020-1148 CVE-2020-1177 CVE-2020-1178 CVE-2020-1181 CVE-2020-1183 CVE-2020-1225 CVE-2020-1226 CVE-2020-1229 CVE-2020-1289 CVE-2020-1295 CVE-2020-1297 CVE-2020-1298 CVE-2020-1318 CVE-2020-1320 CVE-2020-1321 CVE-2020-1322 CVE-2020-1323 | Workaround: No Exploited: No Public: No | Elevation of Privilege Remote Code Execution Spoofing Security Feature Bypass Information Disclosure |
| Defender | All | Important | CVE-2020-1163 CVE-2020-1170 | Workaround: No Exploited: No Public: No | Elevation of Privilege |
| Visual Studio | 2015, 2017, 2019, Live Share Extension | Critical | CVE-2020-1202 CVE-2020-1203 CVE-2020-1257 CVE-2020-1278 CVE-2020-1293 CVE-2020-1343 | Workaround: No Exploited: No Public: No | Elevation of Privilege Information Disclosure |
| Azure DevOps | Server 2019 | Important | CVE-2020-1327 | Workaround: No Exploited: No Public: No | Spoofing |
| Hololens | Win 10 | Important | CVE-2020-1199 | Workaround: No Exploited: No Public: No | Elevation of Privilege |
| Adobe Flash Player | All | Critical | CVE-2020-9633 | Workaround: No Exploited: No Public: No | Remote Code Execution |
| Apps for Android | Bing search for Android Word for Android | Important | CVE-2020-1223 CVE-2020-1329 | Workaround: No Exploited: No Public: No | Spoofing Remote Code Execution |
| System Center | Endpoint Protection 2012, 2012 R2 | Important | CVE-2020-1163 CVE-2020-1170 | Workaround: No Exploited: No Public: No | Elevation of Privilege |
In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.