Patch Tuesday Archive
Patch Tuesday January 2020
Total CVEs
50
Critical
7
Important
41
Exploited
0
Publicly Disclosed
0
All CVEs this month 50
| CVE | Title | Severity | CVSS | Product | Exploited | Disclosed |
|---|---|---|---|---|---|---|
| CVE-2020-0603 | ASP.NET Core Remote Code Execution Vulnerability | Critical | - | ASP.NET | - | - |
| CVE-2020-0605 | .NET Framework Remote Code Execution Vulnerability | Critical | - | .NET Framework | - | - |
| CVE-2020-0606 | .NET Framework Remote Code Execution Vulnerability | Critical | - | .NET Framework | - | - |
| CVE-2020-0609 | Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability | Critical | 9.8 |
Windows RDP | - | - |
| CVE-2020-0610 | Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability | Critical | 9.8 |
Windows RDP | - | - |
| CVE-2020-0611 | Remote Desktop Client Remote Code Execution Vulnerability | Critical | 7.5 |
Windows RDP | - | - |
| CVE-2020-0646 | .NET Framework Remote Code Execution Injection Vulnerability | Critical | - | .NET Framework | - | - |
| CVE-2020-0601 | Windows CryptoAPI Spoofing Vulnerability | Important | 8.1 |
Microsoft Windows | - | - |
| CVE-2020-0602 | ASP.NET Core Denial of Service Vulnerability | Important | - | ASP.NET | - | - |
| CVE-2020-0607 | Microsoft Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2020-0608 | Win32k Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Windows | - | - |
| CVE-2020-0612 | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | Important | 7.5 |
Windows RDP | - | - |
| CVE-2020-0613 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0614 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0615 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important | 5.5 |
Common Log File System Driver | - | - |
| CVE-2020-0616 | Microsoft Windows Denial of Service Vulnerability | Important | 5.5 |
Microsoft Windows | - | - |
| CVE-2020-0617 | Hyper-V Denial of Service Vulnerability | Important | 5.3 |
Windows Hyper-V | - | - |
| CVE-2020-0620 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2020-0621 | Windows Security Feature Bypass Vulnerability | Important | 4.4 |
Microsoft Windows | - | - |
| CVE-2020-0622 | Microsoft Graphics Component Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2020-0623 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0624 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2020-0625 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0626 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0627 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0628 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0629 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0630 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0631 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0632 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0633 | Windows Search Indexer Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows Search Component | - | - |
| CVE-2020-0634 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | Important | 7.8 |
Common Log File System Driver | - | - |
| CVE-2020-0635 | Windows Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2020-0636 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Subsystem for Linux | - | - |
| CVE-2020-0637 | Remote Desktop Web Access Information Disclosure Vulnerability | Important | 5.7 |
Windows RDP | - | - |
| CVE-2020-0638 | Update Notification Manager Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Update Stack | - | - |
| CVE-2020-0639 | Windows Common Log File System Driver Information Disclosure Vulnerability | Important | 5.5 |
Common Log File System Driver | - | - |
| CVE-2020-0641 | Microsoft Windows Elevation of Privilege Vulnerability | Important | 7.8 |
Windows Media | - | - |
| CVE-2020-0642 | Win32k Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Graphics Component | - | - |
| CVE-2020-0643 | Windows GDI+ Information Disclosure Vulnerability | Important | 5.5 |
Microsoft Graphics Component | - | - |
| CVE-2020-0644 | Windows Elevation of Privilege Vulnerability | Important | 7.8 |
Microsoft Windows | - | - |
| CVE-2020-0647 | Microsoft Office Online Spoofing Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2020-0650 | Microsoft Excel Remote Code Execution Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2020-0651 | Microsoft Excel Remote Code Execution Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2020-0652 | Microsoft Office Memory Corruption Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2020-0653 | Microsoft Excel Remote Code Execution Vulnerability | Important | - | Microsoft Office | - | - |
| CVE-2020-0654 | Microsoft OneDrive for Android Security Feature Bypass Vulnerability | Important | - | Apps | - | - |
| CVE-2020-0656 | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | Important | - | Microsoft Dynamics | - | - |
| ADV200001 | Microsoft Guidance on Scripting Engine Memory Corruption Vulnerability | Moderate | - | Microsoft Scripting Engine | - | - |
| CVE-2020-0640 | Internet Explorer Memory Corruption Vulnerability | Moderate | 7.5 |
Microsoft Scripting Engine | - | - |
Threat Categories 6
| Threat Category | CVEs | Critical |
|---|---|---|
| Elevation of Privilege | 21 | - |
| Remote Code Execution | 13 | 7 |
| Information Disclosure | 7 | - |
| Denial of Service | 4 | - |
| Spoofing | 3 | - |
| Security Feature Bypass | 2 | - |
Affected Products 15
| Product | CVEs | Exploited |
|---|---|---|
| Microsoft Windows Search Component | 12 | - |
| Microsoft Windows | 8 | - |
| Windows RDP | 5 | - |
| Microsoft Office | 5 | - |
| Microsoft Graphics Component | 4 | - |
| .NET Framework | 3 | - |
| Common Log File System Driver | 3 | - |
| ASP.NET | 2 | - |
| Microsoft Scripting Engine | 2 | - |
| Windows Hyper-V | 1 | - |
| Windows Subsystem for Linux | 1 | - |
| Windows Update Stack | 1 | - |
| Windows Media | 1 | - |
| Apps | 1 | - |
| Microsoft Dynamics | 1 | - |