HomeNewsBiggest-ever Monthly Security Updates: Microsoft June Patch Tuesday fixes 129 bugs

Biggest-ever Monthly Security Updates: Microsoft June Patch Tuesday fixes 129 bugs

If you purchase via links on our reader-supported site, we may receive affiliate commissions.

In June 2020, Microsoft released what appears to be the largest patch Tuesday released in Microsoft’s history. The company published the monthly security updates fixing about 129 bugs that escaped being exploited by cybercriminals despite the huge number, unlike other monthly updates.

The June 2020 updates include CVEs for 11 vital remote code-execution bugs that received patches in Windows Shell, VBScript, Windows, and SharePoint servers.

Also included in the June 2020 released patches are updates for Internet Explorer (IE), CHakraCore, Microsoft Edge (Edge HTML based, and Chromium-based in IE Mode), Web Apps, and Microsoft Office, Microsoft Dynamics, Visual Studio, Windows Defender, Microsoft Apps for Android and Azure DevOps.

These latest patches have now increased the total release for the year to 616 variety of bugs, which is 49 less than the total number of all CVEs released in 2017 according to Trend Micro’s Zero Day Initiative’s Dustin Childs.

Meanwhile, Malware developers are notorious for spying on MS’ monthly security updates, in order to filter out important bugs, and patch-diff the security updates to identify the exact bug that Microsoft fixed, then weaponize it as quickly as possible for fraudulent purposes.

More About The Microsoft Security Updates

A trio of fixes (CVE-2020-1284), (CVE-2020-1206), and (CVE-2020-1301) became outstanding in the Patch Tuesday update due to being rated as “exploitation more likely” according to Microsoft’s Exploitability Index with two of these bugs (CVE-2020-1284), and (CVE-2020-1206) subsist in Microsoft Server Message Block 3.1.1 (SMBV3). This was made known by Satnam Narang, Tenable’s staff research engineer.

READ ALSO: Android releases June 2020 Patches for Critical RCE vulnerabilities

Narang continued by saying the third bug (CVE-2020-1301) “may likely create a sense of déjà vu” for another remote code-execution bug in SMBv1, EternalBlue, as used in the WannaCry 2017 ransomware attacks.

He also strongly recommends disabling SMBv1 irrespective of the aforementioned, being a legacy protocol that should be discarded,”. He also advises organizations to upgrade from Windows 7, and Windows 8 since Microsoft no longer releases patches for unsupported operating systems.

System administrators who control multiple computers mostly found in enterprises and government organizations are advised to evaluate the recent updates for any vulnerability and deploy them on time.



Subscribe to SecureBlitz Newsletter

* indicates required
Marie Beaujolie
Marie Beaujolie
Marie Beaujolie is a computer network engineer and content writer from Paris. She is passionate about technology and exploring new ways to make people’s lives easier. Marie has been working in the IT industry for many years and has a wealth of knowledge about computer security and best practices. She is a regular contributor for SecureBlitz.com, where she writes about the latest trends and news in the cyber security industry. Marie is committed to helping people stay safe online and encouraging them to take the necessary steps to protect their data.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.