Patching in Review – Week 6 of 2020
Brian Secrist
It’s hard to believe the second Patch Tuesday of the year is around the corner. With an IE zero-day still expected to be fixed, let us hope that we find ourselves with a smooth rollout. Make sure to tune in to our Patch Tuesday webinar next week where we analyze the vulnerabilities and known issues from Microsoft for the month.
In the news, Microsoft delivered with final updates this week for Windows 7 and Server 2008 R2. This fix comes after a nasty wallpaper bug where the background would be replaced by a black screen. Surprisingly, a standalone fix under KB4539602 as well as a Monthly Rollup preview under KB4539601 have been released to remediate the wallpaper bug.
Security Releases
Google Chrome released a new major version this week with a total of 56 security fixes and 38 CVEs. Version 80.0.3987.87 released on Tuesday with 10 of the vulnerabilities acquiring a High severity. Expect a corresponding release for Microsoft’s Edge browser as it is now based on the chromium engine.
Node.JS released their February security updates for version 10, 12 and 13 with a total of 3 CVEs. The most notable vulnerability has been assigned CVE-2019-15605 with a Critical severity. Synk.io wrote a great article detailing this vulnerability where unpatched versions can fall victim to an HTTP smuggling attack.
Third-Party Updates
The final week before Patch Tuesday ended with a relatively light release. See the list of non-securities below to prepare for your next cycle.
|
Software Title |
Ivanti ID |
Ivanti KB |
|
Box Drive 2.11.46 |
BOXD-200114 |
QBOXD21146 |
|
Dropbox 90.4.307 |
DROPBOX-200204 |
QDROPBOX904307 |
|
Evernote 6.23.2.8859 |
ENOT-200206 |
QENOT62328859 |
|
GoodSync 10.10.21.1 |
GOODSYNC-200205 |
QGS1010211 |
|
GoodSync 10.10.21.5 |
GOODSYNC-200207 |
QGS1010215 |
|
Opera 66.0.3515.72 |
OPERA-200205 |
QOP660351572 |
|
PeaZip 7.1.0 |
PZIP-200203 |
QPZIP710 |
|
Plex Media Player 2.50.0 |
PLXP-200205 |
QPLXP2500 |
|
RealVNC Server 6.7.1 |
RVNC-200207 |
QRVNC671 |
|
Royal TS 5.02.60204.0 |
RTS5-200204 |
QRTS502602040 |
|
Royal TS 5.02.60207.0 |
RTS5-200207 |
QRTS502602070 |
|
Visual Studio Code 1.42.0 |
MSNS20-0207-CODE |
QVSCODE142 |
