Tripwire Patch Priority Index for April 2020

0

Tripwire’s April 2020 Shred Priority Index (PPI) brings together important vulnerabilities from Microsoft, Advisor, and VMware.

Up first on the patch priority list this month is a make up for VMware vCenter Server. This patch resolves an information disclosure vulnerability. This cover fix up has highest priority as proof-of-concept code to exploit the vulnerability exists on the Web as luckily as in Metasploit.

Up next on the patch priority list this month are set rights for Microsoft Scripting Engine. These patches resolve 6 vulnerabilities, cataloguing remote code execution and memory corruption vulnerabilities.

Next on the careen are patches for Oracle Java, which resolve vulnerabilities related to concurrency, scenario, serialization, JavaFX, JSSE, libraries, and lightweight HTTP server.

Next on the directory are patches for Microsoft Office, Excel, Word, and Visual Studio. These call a truces resolve 6 vulnerabilities, including remote code execution and elevation of dispensation.

Next this month are patches that affect components of the Windows manipulating systems. These patches resolve more than 60 vulnerabilities, subsuming denial of service, elevation of privilege, information disclosure, remote cryptogram execution, and memory corruption. These vulnerabilities affect Connected Narcotic addict Experiences and Telemetry Service, core Windows, Codecs Library, Proceed Notification Service, DNS, Jet Database Engine, Adobe Font Manager Library, DirectX, GDI+, Graphics Component, Nut, Media Foundation, and Windows Update.

Next are patches for Hyper-V that answer 2 elevation of privilege vulnerabilities along with a remote code killing vulnerability.

Finally, administrators should focus on server-side patches nearby for Microsoft Dynamics and SharePoint. These patches resolve remote jus canonicum canon law execution, cross-site scripting, information disclosure, and spoofing vulnerabilities.

Account
CVE
VMSA-2020-0006
CVE-2020-3952
Microsoft Scripting Engine
CVE-2020-0969, CVE-2020-0970, CVE-2020-0968, CVE-2020-0966, CVE-2020-0967, CVE-2020-0895
Prophet Java
CVE-2020-2830, CVE-2020-2755, CVE-2020-2754, CVE-2020-2757, CVE-2020-2756, CVE-2019-18197, CVE-2020-2816, CVE-2020-2803, CVE-2020-2781, CVE-2020-2805, CVE-2020-2778, CVE-2020-2764, CVE-2020-2800, CVE-2020-2773, CVE-2020-2767
Microsoft Position
CVE-2020-0961, CVE-2020-0760, CVE-2020-0991
Microsoft Outshine
CVE-2020-0906
Microsoft Word
CVE-2020-0980
Visual Studio
CVE-2020-0900
Microsoft Windows I
CVE-2020-0942, CVE-2020-0944, CVE-2020-1029, CVE-2020-0965, CVE-2020-0794, CVE-2020-1011, CVE-2020-1009, CVE-2020-0934, CVE-2020-1017, CVE-2020-1001, CVE-2020-1006, CVE-2020-0940, CVE-2020-1016, CVE-2020-0981, CVE-2020-1094, CVE-2020-0993, CVE-2020-0988, CVE-2020-1008, CVE-2020-0953, CVE-2020-0889, CVE-2020-0992, CVE-2020-0959, CVE-2020-0960, CVE-2020-0995, CVE-2020-0994, CVE-2020-0999, CVE-2020-0938, CVE-2020-1020, CVE-2020-0784, CVE-2020-0964, CVE-2020-0987, CVE-2020-0982
Microsoft Windows II
CVE-2020-1005, CVE-2020-0907, CVE-2020-0687, CVE-2020-0958, CVE-2020-0952, CVE-2020-1004, CVE-2020-0937, CVE-2020-0946, CVE-2020-0947, CVE-2020-0945, CVE-2020-0939, CVE-2020-0950, CVE-2020-0948, CVE-2020-0949, CVE-2020-0888, CVE-2020-0957, CVE-2020-0956, CVE-2020-0699, CVE-2020-0962, CVE-2020-1015, CVE-2020-1000, CVE-2020-1027, CVE-2020-0913, CVE-2020-1003, CVE-2020-0821, CVE-2020-1007, CVE-2020-0955, CVE-2020-0936, CVE-2020-1014, CVE-2020-0983, CVE-2020-0985, CVE-2020-0996
Windows Hyper-V
CVE-2020-0918, CVE-2020-0917, CVE-2020-0910
Microsoft Dynamics
CVE-2020-1022, CVE-2020-1050, CVE-2020-1049, CVE-2020-1018
Microsoft Responsibility SharePoint
CVE-2020-0933, CVE-2020-0930, CVE-2020-0924, CVE-2020-0925, CVE-2020-0978, CVE-2020-0926, CVE-2020-0927, CVE-2020-0923, CVE-2020-0954, CVE-2020-0973, CVE-2020-0932, CVE-2020-0920, CVE-2020-0929, CVE-2020-0974, CVE-2020-0971, CVE-2020-0977, CVE-2020-0976, CVE-2020-0975, CVE-2020-0972, CVE-2020-0931

To learn uncountable about Tripwire’s Vulnerability and Exposure Research Team (VERT), categorizing its Patch Priority Index, click here.

Or for PPI and more, you can follow VERT on Peep: @tripwirevert.

Leave a Reply

Your email address will not be published. Required fields are marked *