July Patch Tuesday

While the meaning of new normal keeps changing, this Patch Tuesday was an almost typical lineup that included 123 CVEs, 18 of which were rated as Critical. There were three vulnerabilities to take special note of this month. The first was publicly disclosed (CVE-2020-1463), the second is a not-so-normal Service Stack Update for all of Microsoft’s Windows versions (CVE-2020-1346) and a critical vulnerability in Windows DNS Server that is worm-able (CVE-2020-1350). The 18 Critical CVEs overall affect Windows OS, IE, Office, Sharepoint, .Net Framework and Visual Studio. In other news, Oracle pre-announced their quarterly CPU and Google also set off July fireworks with a Google Chrome update resolving 38 vulnerabilities including at least one Critical and many High CVEs.