76 vulnerabilities for Windows OS, Microsoft browsers and Office have been patched. Silver lining in this month seems to be the lower number of the vulnerabilities. Let’s hope that this is a positive trend which will go on in the following months as well.

Nevertheless this month certainly cannot be overlooked. There are critical updates and quite a few publicly disclosed vulnerabilities. I wonder if there have been this many of those lately. Anyhow, there are 5 publicly disclosed vulnerabilities. It means that information about these vulnerabilities has been released before the patch Tuesday. The vulnerabilities are CVE-2020-16885CVE-2020-16901CVE-2020-16909CVE-2020-16938 and CVE-2020-16908. The highest CVSS rating among these vulnerabilities will go as high as 7.8. In addition to that, Microsoft classifies all of them to be exploited less likely. The most critical vulnerability of the month, according to CVSS, is CVE-2020-16898. The vulnerability is rated with 9,8 points and Microsoft acknowledges the vulnerability to be exploited more likely. Here is a CVSS-calculation to that very vulnerability.

The impact and scoring of these and other vulnerabilities can be explored with Common Vulnerability Scoring System Calculator. Microsoft posts CVSS-calculator (maintained by National Vulnerability Database) links for all the vulnerabilities in their vulnerability articles. More thorough information of the vulnerabilities can be found from Microsoft’s MSRC-portal.

The known issues are in a small increment when compared to the last month. Based on that information the administrators can still continue deploying the monthly patches following normal procedures.

Operating system

Known issues (last month)

Windows 10, version 2004 and Windows Server, version 2004

2 (1)

Windows 10, version 1909 ja 1903* and Windows Server, version 1903

2 (0)

Windows 10, version 1809 and Windows Server 2019

2 (2)

Windows 10, version 1803**

1 (0)

Windows 10, version 1709** and Windows Server, version 1709

1 (0)

Windows 10, version 1703***

Reached end of service

Windows 10, version 1607 LTSC*** and Windows Server 2016

2 (1)

Windows 8.1**** and Windows Server 2012 R2

2 (1)

Windows Server 2012

1 (1)

Windows 7**** and Windows Server 2008 R2 SP1

2 (2)

* 1909 shares the same core and system files with the predecessor 1903.

** The support for the specific feature update for version Home and Pro has ended.

*** The support for the specific feature update for all the version has ended.

**** Mainstream support for the operating system has ended: Windows 8.1 1/10/2023 and Windows 7 1/14/2020.

The most critical vulnerability of the month should be patched without any delay. It is targeted to basically all Windows 10 versions and many Windows Server operating systems as well. However, Centero recommends to test the updates thoroughly before deploying them to production endpoints. In addition to this, all the known issues should be read through and reflected to own environment.

Microsoft maintains a list of Windows updates and their known issues on the following pages.

With Centero Software Manager Cloud and CSM Cloud for Servers it’s possible to deploy these updates into your environment and even on remote computers by the configuration you have defined.

Read more on this topic:

Vulnerabilities are many but rather mild on patch Tuesday this June

There are 121 published vulnerabilities for the following products this month: Windows OS, browsers and Microsoft Office. The same trend keep on going. According to the previous 4 months it is normal that the number of vulnerabilities is over 100. This June there are 3 vulnerabilities with monthly high CVSS scoring of 8.8: CVE-2020-1239, CVE-2020-1238 […]

Zoom Client for Meetings has been added to the list of applications supported by CSM

Due to increased remote working requirements and customer demand, we decided to add Zoom Client for Meetings to the list of applications supported by CSM. Read more in our CSM documentation. Check out our full range of supported apps here. With CSM, you can easily distribute the Zoom client to your workstations. If your organization […]