Updates or security patches are tremendously important. Although we know that on rare occasions they can cause more problems than anything else, it is normal that they serve to close security holes. Every month, Microsoft It launches a series of security patches that serve to update Windows and other products of the company. This July, we have 123 security patches released, 18 of them critical and even one of Windows that closes a hole that has been present for 17 years.
In the traditional Patch tuesday From Microsoft we usually receive dozens of security patches for all its products. This happens on the second Tuesday of each month and in July 2020 we have received a good collection of updates. As we have already explained, there are 123 security problems solved, 18 of them critical and 105 classified as important. This is the second largest patch in history, only surpassed by the 129 that arrived in January of the same year.
The second largest patch in history
Users must install all security updates as soon as possible. We have patches for two vulnerabilities that have already been released, plus a criticism of the Windows DNS. This last vulnerability has been rated as critical with a severity of 10.0 (the highest possible rating given to security vulnerabilities) and affects Windows DNS Server allowing remote code execution.
The vulnerability, discovered by Check Point security experts, has been dubbed SigRed And we can find all the details in the code CVE-2020-1350. It is so dangerous that it allows creating “worm” attacks capable of spreading throughout the network of connected computers. Microsoft even offered mitigations for a 17-year-old ruling.
In relation to the rest of the security patches for critical vulnerabilities, we have three that affect Microsoft Edge and VBScript allowing the user to be attacked when visiting a malicious website. Four other vulnerabilities can allow an attack on the system if the user downloads a series of special files, something that can be achieved with a phishing attack.
The rest of the critical vulnerabilities are related to Hyper-v and they can allow code execution on the computer. In addition, two security flaws classified as important have been fixed, the details of which have been previously published, that is, it was in the public domain. For this reason it is so important to update the system as soon as possible.