June 2020 Patch Bulletin

June 2020 Patch Bulletin

This is a huge month for MS patches with 129 unique vulnerabilities.  13 technologies are updated this month with 6 technologies rated critical and 7 rated important.  The good news is that there were no updates that were disclosed or exploited.

For additional details, please find the information from Microsoft below:

Technology Products Affected SeverityReferenceWorkaround/Exploited/ Publicly Disclosed Vulnerability Info
 
WindowsWindows 8.1, 8.1 RT, 10, Server 2012, 2012 R2, 2016, 2019Critical CVE-2020-0915
CVE-2020-0916
CVE-2020-0986
CVE-2020-1120
CVE-2020-1160
CVE-2020-1162
CVE-2020-1194
CVE-2020-1196
CVE-2020-1197
CVE-2020-1199
CVE-2020-1201
CVE-2020-1202
CVE-2020-1203
CVE-2020-1204
CVE-2020-1206
CVE-2020-1207
CVE-2020-1208
CVE-2020-1209
CVE-2020-1211
CVE-2020-1212
CVE-2020-1217
CVE-2020-1222
CVE-2020-1231
CVE-2020-1232
CVE-2020-1233
CVE-2020-1234
CVE-2020-1235
CVE-2020-1236
CVE-2020-1237
CVE-2020-1238
CVE-2020-1239
CVE-2020-1241
CVE-2020-1244
CVE-2020-1246
CVE-2020-1247
CVE-2020-1248
CVE-2020-1251
CVE-2020-1253
CVE-2020-1254
CVE-2020-1255
CVE-2020-1257
CVE-2020-1258
CVE-2020-1259
CVE-2020-1261
CVE-2020-1262
CVE-2020-1263
CVE-2020-1264
CVE-2020-1265
CVE-2020-1266
CVE-2020-1268
CVE-2020-1269
CVE-2020-1270
CVE-2020-1271
CVE-2020-1272
CVE-2020-1273
CVE-2020-1274/a>
CVE-2020-1275
CVE-2020-1276
CVE-2020-1277
CVE-2020-1278
CVE-2020-1279
CVE-2020-1280
CVE-2020-1281
CVE-2020-1282
CVE-2020-1283
CVE-2020-1284
CVE-2020-1286
CVE-2020-1287
CVE-2020-1290
CVE-2020-1291
CVE-2020-1292
CVE-2020-1293
CVE-2020-1294
CVE-2020-1296
CVE-2020-1299
CVE-2020-1300
CVE-2020-1301
CVE-2020-1302
CVE-2020-1304
CVE-2020-1305
CVE-2020-1306
CVE-2020-1307
CVE-2020-1309
CVE-2020-1310
CVE-2020-1311
CVE-2020-1312
CVE-2020-1313
CVE-2020-1314
CVE-2020-1316
CVE-2020-1317
CVE-2020-1324
CVE-2020-1334
CVE-2020-1348
Workaround: No
Public: No
Exploited: No
Elevation of Privilege
Remote Code Execution
Spoofing
Security Feature Bypass
Denial of Service
Information Disclosure
Edge HTML-basedLegacyCriticalCVE-2020-1073
CVE-2020-1219
CVE-2020-1242
CVE-2020-1065
CVE-2020-1096
Workaround: No
Public: No
Exploited: No
Spoofing
Remote Code Execution
Elevation of Privilege
Edge-Chromium
EnterpriseImportantCVE-2020-1195
CVE-2020-1220
Workaround: No
Public: No
Exploited: No
Elevation of Privilege
Spoofing
ChakraCoreAllCriticalCVE-2020-1073
CVE-2020-1219
Workaround: No
Exploited: No
Public: No
Remote Code Execution
IE11CriticalCVE-2020-1213
CVE-2020-1214
CVE-2020-1215
CVE-2020-1216
CVE-2020-1219
CVE-2020-1230
CVE-2020-1260
CVE-2020-1315
Workaround: No
Exploited: No
Public: No
Remote Code Execution
Information Disclosure
Office, Office Services, Office Web Apps365 Apps for Enterprise
Excel 2010, 2013, 2016, 2019, 2016 for Mac, 2019 for Mac
SharePoint Enterprise Server 2013, 2016
SharePoint Foundation 2013

SharePoint Server 2020, 2019
Office 365
365 Apps for Enterprise
Office 2010, 2013, 2016, 2016 for Mac, 2019, 2019 for Mac
Project 2010, 2013, 2016
SharePoint Enterprise Server 2013, 2016
SharePoint Foundation 2010, 2013

SharePoint Server 2010, 2019
Office 365
CVE-2020-1148
CVE-2020-1177
CVE-2020-1178
CVE-2020-1181
CVE-2020-1183
CVE-2020-1225
CVE-2020-1226
CVE-2020-1229
CVE-2020-1289
CVE-2020-1295
CVE-2020-1297
CVE-2020-1298
CVE-2020-1318
CVE-2020-1320
CVE-2020-1321
CVE-2020-1322
CVE-2020-1323
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Remote Code Execution
Spoofing
Security Feature Bypass
Information Disclosure
DefenderAllImportantCVE-2020-1163
CVE-2020-1170
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Visual Studio2015, 2017, 2019, Live Share ExtensionCriticalCVE-2020-1202
CVE-2020-1203
CVE-2020-1257
CVE-2020-1278
CVE-2020-1293
CVE-2020-1343
Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Information Disclosure
Azure DevOpsServer 2019ImportantCVE-2020-1327Workaround: No
Exploited: No
Public: No
Spoofing
HololensWin 10ImportantCVE-2020-1199Workaround: No
Exploited: No
Public: No
Elevation of Privilege
Adobe Flash PlayerAllCriticalCVE-2020-9633Workaround: No
Exploited: No
Public: No
Remote Code Execution
Apps for AndroidBing search for Android
Word for Android
ImportantCVE-2020-1223
CVE-2020-1329
Workaround: No
Exploited: No
Public: No
Spoofing
Remote Code Execution
System CenterEndpoint Protection 2012, 2012 R2ImportantCVE-2020-1163
CVE-2020-1170
Workaround: No
Exploited: No
Public: No
Elevation of Privilege

In case of any questions or clarifications please feel free to reach out to ECHO’s Service Desk.