Patch Tuesday, the monthly security update, is out for the current month.
This month’s patch fixed 123 security flaws across 13 products. Thankfully, none of them have been reported being exploited.
The Most Severe Bug
The most significant bug that was patched is CVE-2020-1350 in the Windows Server DNS component.
It was discovered by Check Point researcher, and it ranked a 10 out of 10 severity rating, as researchers suggested that the bug can be easily weaponized to produce wormable malware.
Here are other important issues that were addressed in the July patch:
- The RemoteFX vGPU component of Microsoft’s Hyper-V hypervisor technology (CVE-2020-1041, CVE-2020-1040, CVE-2020-1032, CVE-2020-1036, CVE-2020-1042, CVE-2020-1043)
- The Jet Database Engine included with some Office applications (CVE-2020-1400, CVE-2020-1401, CVE-2020-1407)
- Microsoft Word (CVE-2020-1446, CVE-2020-1447, CVE-2020-1448)
- Microsoft Excel (CVE-2020-1240)
- Microsoft Outlook (CVE-2020-1349)
- Microsoft Sharepoint (CVE-2020-1444)
- Windows LNK shortcut files (CVE-2020-1421)
- Various Windows graphics components (CVE-2020-1435, CVE-2020-1408, CVE-2020-1412, CVE-2020-1409, CVE-2020-1436, CVE-2020-1355)
The “remote code execution” vulnerabilities are the worst ones since they allow hackers to remotely run code on machines in remote attack conditions.
Since patch Tuesday is a monthly release, administrators can’t pick which patches to apply and which they don’t.
System administrators must review the threat posed by the previously listed RCE vulnerabilities and figure the urgency to patch each respective organization.
Those who manage large computer fleets like those used across enterprises or government organizations are advised to test the July patch for any bugs before installing it on all systems.
Malware developers usually follow Microsoft’s monthly security updates, pick the most dangerous/lucrative bugs, and patch-diff the security updates packages to discover precisely the bug that was fixed and weaponize it for future attacks.
It would help if you considered installing the latest patch. It fixes so much that it would be a mistake not to install it. Perhaps you should wait for a day or two and see if any problems related to the patch are reported.