Microsoft November 2020 Patch Tuesday arrives with fix for Windows zero-day

The Microsoft November 2020 Patch Tuesday fixes 112 vulnerabilities, 24 of which are remote code execution (RCE) bugs.

what-is-the-windows-10-windows-feature-e-5ee9004761ec3e58764cdb68-1-jun-17-2020-18-58-39-poster.jpg

Microsoft released today its monthly roll-up of security patches known as Patch Tuesday. This month, the Redmond-based company fixed 112 security bugs across a wide range of products, from Microsoft Edge to the Windows WalletService .

Windows 10 security: 'So good, it can block zero-days without being patched'

Systems running the Windows 10 Anniversary Update were shielded from two exploits even before Microsoft had issued patches for them, its researchers have found.

Read More

This month's patches also include a fix for a Windows zero-day vulnerability that was exploited in the wild.

Tracked as CVE-2020-17087, the zero-day was disclosed on October 30 by the Google Project Zero and TAG security teams. Google said the vulnerability was being exploited together with a Chrome zero-day to target Windows 7 and Windows 10 users.

Attackers would use the Chrome zero-day to run malicious code inside Chrome and then use the Windows zero-day to escape the Chrome security sandbox and elevate the code's privileges to attack the underlying OS.

Details about the attack were not published beyond this simple description.

Google discovered the zero-day around mid-October and gave Microsoft seven days to release a patch. Since releasing a security patch for any Microsoft product —and especially the bulky Windows OS— takes time to test and fine-tune, the patch was not ready during the original seven-day disclosure timeline. But it is available starting today.

According to Microsoft's security advisory for CVE-2020-17087, the zero-day resides in the Windows kernel and impacts all currently supported versions of the Windows OS. This includes all versions after Windows 7, and all Windows Server distributions.

But besides the Windows zero-day, there are 111 other vulnerabilities that need to be patched as well, including 24 bugs that can allow remote code execution (RCE) attacks in apps such as Excel, Microsoft Sharepoint, Microsoft Exchange Server, the Windows Network File System, the Windows GDI+ component, the Windows printing spooler service, and even in Microsoft Teams.

While rushing to install patches is a safe approach for most users, system administrators of large networks are advised to test the patches before a broad rollout to avoid any bugs or changes that break internal systems.


Below are additional details about today's Microsoft Patch Tuesday and security updates released by other tech companies:

  • Microsoft's official Security Update Guide portal lists all security updates in a filterable table.
  • ZDNet has published this file listing all this month's security advisories on one single page.
  • Adobe's security updates are detailed here.
  • SAP security updates are available here.
  • Intel security updates are available here.
  • VMWare security updates are available here.
  • Chrome 86 security updates are detailed here.
  • Android security updates are available here.
TagCVE IDCVE Title
Azure DevOps CVE-2020-1325 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability
Azure Sphere CVE-2020-16985 Azure Sphere Information Disclosure Vulnerability
Azure Sphere CVE-2020-16986 Azure Sphere Denial of Service Vulnerability
Azure Sphere CVE-2020-16987 Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere CVE-2020-16984 Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere CVE-2020-16981 Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere CVE-2020-16982 Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere CVE-2020-16983 Azure Sphere Tampering Vulnerability
Azure Sphere CVE-2020-16988 Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere CVE-2020-16993 Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere CVE-2020-16994 Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere CVE-2020-16970 Azure Sphere Unsigned Code Execution Vulnerability
Azure Sphere CVE-2020-16992 Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere CVE-2020-16989 Azure Sphere Elevation of Privilege Vulnerability
Azure Sphere CVE-2020-16990 Azure Sphere Information Disclosure Vulnerability
Azure Sphere CVE-2020-16991 Azure Sphere Unsigned Code Execution Vulnerability
Common Log File System Driver CVE-2020-17088 Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Browsers CVE-2020-17058 Microsoft Browser Memory Corruption Vulnerability
Microsoft Dynamics CVE-2020-17005 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Microsoft Dynamics CVE-2020-17018 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Microsoft Dynamics CVE-2020-17021 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Microsoft Dynamics CVE-2020-17006 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
Microsoft Exchange Server CVE-2020-17083 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server CVE-2020-17085 Microsoft Exchange Server Denial of Service Vulnerability
Microsoft Exchange Server CVE-2020-17084 Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Graphics Component CVE-2020-16998 DirectX Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2020-17029 Windows Canonical Display Driver Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-17004 Windows Graphics Component Information Disclosure Vulnerability
Microsoft Graphics Component CVE-2020-17038 Win32k Elevation of Privilege Vulnerability
Microsoft Graphics Component CVE-2020-17068 Windows GDI+ Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17065 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17064 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17066 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17019 Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17067 Microsoft Excel Security Feature Bypass Vulnerability
Microsoft Office CVE-2020-17062 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office CVE-2020-17063 Microsoft Office Online Spoofing Vulnerability
Microsoft Office CVE-2020-17020 Microsoft Word Security Feature Bypass Vulnerability
Microsoft Office SharePoint CVE-2020-17016 Microsoft SharePoint Spoofing Vulnerability
Microsoft Office SharePoint CVE-2020-16979 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2020-17015 Microsoft SharePoint Spoofing Vulnerability
Microsoft Office SharePoint CVE-2020-17017 Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint CVE-2020-17061 Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint CVE-2020-17060 Microsoft SharePoint Spoofing Vulnerability
Microsoft Scripting Engine CVE-2020-17048 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2020-17053 Internet Explorer Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2020-17052 Scripting Engine Memory Corruption Vulnerability
Microsoft Scripting Engine CVE-2020-17054 Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Teams CVE-2020-17091 Microsoft Teams Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-17032 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17033 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17026 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17031 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17027 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17030 Windows MSCTF Server Information Disclosure Vulnerability
Microsoft Windows CVE-2020-17028 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17044 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17045 Windows KernelStream Information Disclosure Vulnerability
Microsoft Windows CVE-2020-17046 Windows Error Reporting Denial of Service Vulnerability
Microsoft Windows CVE-2020-17043 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17042 Windows Print Spooler Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-17041 Windows Print Configuration Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17034 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17049 Kerberos Security Feature Bypass Vulnerability
Microsoft Windows CVE-2020-17051 Windows Network File System Remote Code Execution Vulnerability
Microsoft Windows CVE-2020-17040 Windows Hyper-V Security Feature Bypass Vulnerability
Microsoft Windows CVE-2020-17047 Windows Network File System Denial of Service Vulnerability
Microsoft Windows CVE-2020-17036 Windows Function Discovery SSDP Provider Information Disclosure Vulnerability
Microsoft Windows CVE-2020-17000 Remote Desktop Protocol Client Information Disclosure Vulnerability
Microsoft Windows CVE-2020-1599 Windows Spoofing Vulnerability
Microsoft Windows CVE-2020-16997 Remote Desktop Protocol Server Information Disclosure Vulnerability
Microsoft Windows CVE-2020-17001 Windows Print Spooler Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17057 Windows Win32k Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17056 Windows Network File System Information Disclosure Vulnerability
Microsoft Windows CVE-2020-17055 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17010 Win32k Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17007 Windows Error Reporting Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17014 Windows Print Spooler Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17025 Windows Remote Access Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17024 Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17013 Win32k Information Disclosure Vulnerability
Microsoft Windows CVE-2020-17011 Windows Port Class Library Elevation of Privilege Vulnerability
Microsoft Windows CVE-2020-17012 Windows Bind Filter Driver Elevation of Privilege Vulnerability
Microsoft Windows Codecs Library CVE-2020-17106 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17101 HEIF Image Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17105 AV1 Video Extension Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17102 WebP Image Extensions Information Disclosure Vulnerability
Microsoft Windows Codecs Library CVE-2020-17082 Raw Image Extension Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17086 Raw Image Extension Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17081 Microsoft Raw Image Extension Information Disclosure Vulnerability
Microsoft Windows Codecs Library CVE-2020-17079 Raw Image Extension Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17078 Raw Image Extension Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17107 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17110 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17113 Windows Camera Codec Information Disclosure Vulnerability
Microsoft Windows Codecs Library CVE-2020-17108 HEVC Video Extensions Remote Code Execution Vulnerability
Microsoft Windows Codecs Library CVE-2020-17109 HEVC Video Extensions Remote Code Execution Vulnerability
Visual Studio CVE-2020-17104 Visual Studio Code JSHint Extension Remote Code Execution Vulnerability
Visual Studio CVE-2020-17100 Visual Studio Tampering Vulnerability
Windows Defender CVE-2020-17090 Microsoft Defender for Endpoint Security Feature Bypass Vulnerability
Windows Kernel CVE-2020-17035 Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel CVE-2020-17087 Windows Kernel Local Elevation of Privilege Vulnerability
Windows NDIS CVE-2020-17069 Windows NDIS Information Disclosure Vulnerability
Windows Update Stack CVE-2020-17074 Windows Update Orchestrator Service Elevation of Privilege Vulnerability
Windows Update Stack CVE-2020-17073 Windows Update Orchestrator Service Elevation of Privilege Vulnerability
Windows Update Stack CVE-2020-17071 Windows Delivery Optimization Information Disclosure Vulnerability
Windows Update Stack CVE-2020-17075 Windows USO Core Worker Elevation of Privilege Vulnerability
Windows Update Stack CVE-2020-17070 Windows Update Medic Service Elevation of Privilege Vulnerability
Windows Update Stack CVE-2020-17077 Windows Update Stack Elevation of Privilege Vulnerability
Windows Update Stack CVE-2020-17076 Windows Update Orchestrator Service Elevation of Privilege Vulnerability
Windows WalletService CVE-2020-16999 Windows WalletService Information Disclosure Vulnerability
Windows WalletService CVE-2020-17037 Windows WalletService Elevation of Privilege Vulnerability