Of course, the highlight of these monthly updates is the security enhancements that everyone awaits, as it seems that 2020 has become an arms race between vulnerabilities and those that identify and fix them. Here’s a brief rundown of how the year 2020 has been as far as CVEs are concerned:

February: 99 CVEs March: 115 CVEs April: 118 CVEs May: 147 CVEs June: 139 CVEs July: 136 CVEs

Speaking of which, This month precisely 146 CVEs were identified and taken care of for both Microsoft and Adobe products as well.

Over 140 Microsoft and Adobe CVEs were identified

This month brings fixes to a total of 146 CVEs, 26 of which are for Adobe products, while 120 are for Microsoft products and, as usual, they vary in severity.

26 CVEs were discovered this past month when it comes to Adobe products, and they affect programs like Adobe Lightroom and  Acrobat Pro DC. These CVEs include common ones like Use-After-Free (UAF), OOB Write, stack exhaustion, and memory corruption bugs. Compared to other months, only one of the 26 identified CVEs were rated as Critical, and it is called CVE-2020-9712.

A total of 120 CVEs were identified affecting Microsoft products like Microsoft Windows, Edge (EdgeHTML-based and Chromium-based), ChakraCore, Internet Explorer (IE), Microsoft Scripting Engine, SQL Server, .NET Framework, ASP.NET Core, Office and Office Services and Web Apps, Windows Codecs Library, and Microsoft Dynamics This month marks yet another time when over 100 CVE were fount, bringing the grand total for the year 2020 to 862, already exceeding the number of CVE identified in the entirety of 2019. The 120 CVEs identified were rated as follows:

13 are rated as being Critical 107 are rated as being Important

Which were some of the most severe CVEs?

CVE-2020-1380 Scripting Engine Memory Corruption Vulnerability CVE-2020-1464 Windows Spoofing Vulnerability CVE-2020-1472 NetLogon Elevation of Privilege Vulnerability CVE-2020-1585 Microsoft Windows Codecs Library Remote Code Execution Vulnerability

For a complete list of all identified CVEs for the August Patch Tuesday updates, head over to this dedicated article. If you haven’t seen a vulnerability you are aware of on this list, then maybe you should wait until next month on September 8, since that’s when the next Patch Tuesday will be.

If you have any other suggestions for our articles, leave us your feedback in the comments section below.

Name * Email * Commenting as . Not you? Save information for future comments
Comment

Δ