February 2020 Patch Tuesday Index

Don't miss a single vulnerability this Patch Tuesday. We'll be compiling all of February 2020's Patch Tuesday releases in one easy-to-read index. Stay tuned in and ready for the latest patches and updates from Microsoft and multiple third-party applications. We track the patches as they became available to the masses and insert all releases into the index below to help ensure you are minimizing your attack surface. We will have a breakdown blog released Wednesday.

Adobe released patches to 35 critical security vulnerabilities, with 21 in Framemaker, 12 in Acrobat and Reader, one in Digital Editions, and one in Flash Player. Mozilla also released updates for Firefox 73, Firefox ESR 68.5, and Thunderbird 68.5. Microsoft released 99 total patches, 12 of which are rated Critical. The lone Microsoft zero-day is an Internet Explorer Scripting Engine Memory Corruption Vulnerability under CVE-2020-0674. Our full patch index from February's Patch Tuesday is below.

Updated Live. Last Update 3:06 PM EST Feb. 11 2020.

AdobeA Adobe
Product
Title
Identifier
Severity
Adobe Framemaker Arbitrary Code Execution APSB20-04 Critical
Adobe Acrobat and Reader Arbitrary Code Execution APSB20-05 Critical
Adobe Flash Player Arbitrary Code Execution APSB20-06 Critical
Adobe Digital Editions Arbitrary Code Execution and Information Disclosure APSB20-07 Critical
Adobe Experience Manager Denial-of-service APSB20-08 Important
firefoxMozilla Firefox
Product
Title
Identifier
Severity
Thunderbird 68.5 Message ID calculation was based on uninitialized data CVE-2020-6792 Low
Thunderbird 68.5 Out-of-bounds read when processing certain email messages CVE-2020-6793 Medium
Thunderbird 68.5 Setting a master password post-Thunderbird 52 does not delete unencrypted previously stored passwords CVE-2020-6794 Medium
Thunderbird 68.5 Crash processing S/MIME messages with multiple signatures CVE-2020-6795 Medium
Firefox 73 and Firefox ESR 68.5 Missing bounds check on shared memory read in the parent process CVE-2020-6796 High
Firefox 73, Firefox ESR 68.5, and Thunderbird 68.5 Extensions granted downloads.open permission could open arbitrary applications on Mac OSX CVE-2020-6797 High
Firefox 73, Firefox ESR 68.5, and Thunderbird 68.5 Incorrect parsing of template tag could result in JavaScript injection CVE-2020-6798 Medium
Firefox 73 and Firefox ESR 68.5 Arbitrary code execution when opening pdf links from other applications, when Firefox is configured as default pdf reader CVE-2020-6799 Medium
Firefox 73, Firefox ESR 68.5, and Thunderbird 68.5 Memory safety bugs fixed CVE-2020-6800 High
Firefox 73 Memory safety bugs fixed CVE-2020-6801 High
microsoftMicrosoft
Product
Title
Identifier
Severity
Microsoft Edge (Chromium-based) Microsoft Edge based on Chromium ADV200002 High
SQL Server 2012, 2014, 2016 Microsoft SQL Server Reporting Services Remote Code Execution CVE-2020-0618 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Remote Desktop Services Remote Code Execution Vulnerability CVE-2020-0655 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Common Log File System Driver Elevation of Privilege Vulnerability CVE-2020-0657 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Common Log File System Driver Information Disclosure Vulnerability CVE-2020-0658 High
Windows 10 and Server 2016 and 2019 Windows Data Sharing Service Elevation of Privilege Vulnerability CVE-2020-0659 High
Windows 8, 10 and Server 2012, 2016, 2019 Windows Remote Desktop Protocol Denial of Service Vulnerability CVE-2020-0660 High
Windows 10 and Server 2016, 2019 Windows Hyper-V Denial of Service Vulnerability CVE-2020-0661 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Remote Code Execution Vulnerability CVE-2020-0662 Critical
Microsoft Edge on Windows 10 Microsoft Edge Elevation of Privilege Vulnerability CVE-2020-0663 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Active Directory Elevation of Privilege Vulnerability CVE-2020-0665 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Search Indexer Elevation of Privilege Vulnerability CVE-2020-0666 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Search Indexer Elevation of Privilege Vulnerability CVE-2020-0667 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Kernel Elevation of Privilege Vulnerability CVE-2020-0668 High
Windows 10 and Server 2019 Windows Kernel Elevation of Privilege Vulnerability CVE-2020-0669 High
Windows 10 and Server 2016, 2019 Windows Kernel Elevation of Privilege Vulnerability CVE-2020-0670 High
Windows 10 and Server 2019 Windows Kernel Elevation of Privilege Vulnerability CVE-2020-0671 High
Windows 10 and Server 2019 Windows Kernel Elevation of Privilege Vulnerability CVE-2020-0672 High
Internet Explorer 9, 10, 11 Scripting Engine Memory Corruption Vulnerability CVE-2020-0673 Critical
Internet Explorer 9, 10, 11 Scripting Engine Memory Corruption Vulnerability CVE-2020-0674 Critical
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Key Isolation Service Information Disclosure Vulnerability CVE-2020-0675 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Key Isolation Service Information Disclosure Vulnerability CVE-2020-0676 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Key Isolation Service Information Disclosure Vulnerability CVE-2020-0677 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Error Reporting Manager Elevation of Privilege Vulnerability CVE-2020-0678 High
Windows 8, 10 and Server 2012, 2016, 2019 Windows Function Discovery Service Elevation of Privilege Vulnerability CVE-2020-0679 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Function Discovery Service Elevation of Privilege Vulnerability CVE-2020-0680 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Remote Desktop Client Remote Code Execution Vulnerability CVE-2020-0681 Critical
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Function Discovery Service Elevation of Privilege Vulnerability CVE-2020-0682 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Installer Elevation of Privilege Vulnerability CVE-2020-0683 High
Windows 10 and Server 2019 Windows COM Server Elevation of Privilege Vulnerability CVE-2020-0685 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Installer Elevation of Privilege Vulnerability CVE-2020-0686 High
Microsoft Exchange Server 2010, 2013, 2016, 2019 Microsoft Exchange Memory Corruption Vulnerability CVE-2020-0688 High
Windows 8, 10 and Server 2012, 2016, 2019 Microsoft Secure Boot Security Feature Bypass Vulnerability CVE-2020-0689 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0691 High
Microsoft Exchange Server 2013, 2016, 2019 Microsoft Exchange Server Elevation of Privilege Vulnerability CVE-2020-0692 High
Microsoft SharePoint Server 2013, 2019 Microsoft Office SharePoint XSS Vulnerability CVE-2020-0693 High
Microsoft SharePoint Server 2013, 2019 Microsoft Office SharePoint XSS Vulnerability CVE-2020-0694 High
Office Online Server Microsoft Office Online Server Spoofing Vulnerability CVE-2020-0695 High
Microsoft Office 2019 and Outlook 2010, 2013, 2016 Microsoft Outlook Security Feature Bypass Vulnerability CVE-2020-0696 High
Office 365 ProPlus Microsoft Office Tampering Vulnerability CVE-2020-0697 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Information Disclosure Vulnerability CVE-2020-0698 High
Windows 10 and Server 2019 Windows Client License Service Elevation of Privilege Vulnerability CVE-2020-0701 High
Microsoft Surface Hub Surface Hub Security Feature Bypass Vulnerability CVE-2020-0702 High
Windows 7, 10 and Server 2008, 2012, 2016, 2019 Windows Backup Service Elevation of Privilege Vulnerability CVE-2020-0703 High
Windows 10 and Server 2016, 2019 Windows Wireless Network Manager Elevation of Privilege Vulnerability CVE-2020-0704 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability CVE-2020-0705 High
Internet Explorer 10, 11 and Microsoft Edge Microsoft Browser Information Disclosure Vulnerability CVE-2020-0706 High
Windows 8, 10 and Server 2012, 2016, 2019 Windows IME Elevation of Privilege Vulnerability CVE-2020-0707 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Imaging Library Remote Code Execution Vulnerability CVE-2020-0708 High
Windows 10 and Server 2016 DirectX Elevation of Privilege Vulnerability CVE-2020-0709 High
Microsoft Edge Scripting Engine Memory Corruption Vulnerability CVE-2020-0710 Critical
Microsoft Edge and ChakraCore Scripting Engine Memory Corruption Vulnerability CVE-2020-0711 Critical
Microsoft Edge and ChakraCore Scripting Engine Memory Corruption Vulnerability CVE-2020-0712 Critical
Microsoft Edge and ChakraCore Scripting Engine Memory Corruption Vulnerability CVE-2020-0713 Critical
Windows 10 and Server 2019 DirectX Information Disclosure Vulnerability CVE-2020-0714 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Graphics Component Elevation of Privilege Vulnerability CVE-2020-0715 High
Windows 8, 10 and Server 2012, 2016 Win32k Information Disclosure Vulnerability CVE-2020-0716 High
Windows 10 and Server 2019 Win32k Information Disclosure Vulnerability CVE-2020-0717 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0719 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0720 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0721 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0722 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0723 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0724 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0725 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Win32k Elevation of Privilege Vulnerability CVE-2020-0726 High
Windows 10 and Server 2016, 2019 Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability CVE-2020-0727 High
Windows 10 and Server 2016, 2019 Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability CVE-2020-0728 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 LNK Remote Code Execution Vulnerability CVE-2020-0729 Critical
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows User Profile Service Elevation of Privilege Vulnerability CVE-2020-0730 High
Windows 7, 8, 10 and Server 2008, 2012, 2016 Win32k Elevation of Privilege Vulnerability CVE-2020-0731 High
Windows 10 and Server 2016 DirectX Elevation of Privilege Vulnerability CVE-2020-0732 High
Windows Malicious Software Removal Tool Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability CVE-2020-0733 High
Windows 7, 8, 10 and Server 2008, 2012, 2016 Remote Desktop Client Remote Code Execution Vulnerability CVE-2020-0734 Critical
Windows 7, 8, 10 and Server 2008, 2012, 2016 Windows Search Indexer Elevation of Privilege Vulnerability CVE-2020-0735 High
Windows 7 and Server 2008 Windows Kernel Information Disclosure Vulnerability CVE-2020-0736 High
Windows 7, 8, 10 and Server 2008, 2012, 2016 Windows Elevation of Privilege Vulnerability CVE-2020-0737 High
Windows 7, 8, 10 and Server 2008, 2012, 2016 Media Foundation Memory Corruption Vulnerability CVE-2020-0738 Critical
Windows 10 and Server 2016, 2019 Windows Elevation of Privilege Vulnerability CVE-2020-0739 High
Windows 10 and Server 2019 Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2020-0740 High
Windows 10 and Server 2019 Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2020-0741 High
Windows 10 and Server 2016, 2019 Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2020-0742 High
Windows 10 and Server 2016, 2019 Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2020-0743 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows GDI Information Disclosure Vulnerability CVE-2020-0744 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Graphics Component Elevation of Privilege Vulnerability CVE-2020-0745 High
Windows 10 and Server 2019 Microsoft Graphics Components Information Disclosure Vulnerability CVE-2020-0746 High
Windows 10 and Server 2016, 2019 Windows Data Sharing Service Elevation of Privilege Vulnerability CVE-2020-0747 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Key Isolation Service Information Disclosure Vulnerability CVE-2020-0748 High
Windows 10 and Server 2016, 2019 Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2020-0749 High
Windows 10 and Server 2016, 2019 Connected Devices Platform Service Elevation of Privilege Vulnerability CVE-2020-0750 High
Windows 10 Windows Hyper-V Denial of Service Vulnerability CVE-2020-0751 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Search Indexer Elevation of Privilege Vulnerability CVE-2020-0752 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Error Reporting Elevation of Privilege Vulnerability CVE-2020-0753 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Error Reporting Elevation of Privilege Vulnerability CVE-2020-0754 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Key Isolation Service Information Disclosure Vulnerability CVE-2020-0755 High
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 Windows Key Isolation Service Information Disclosure Vulnerability CVE-2020-0756 High
Windows 10 and Server 2019 Windows SSH Elevation of Privilege Vulnerability CVE-2020-0757 High
Microsoft Excel 2010, 2013, 2016 2and Microsoft Office 2016, 2019 Windows SSH Elevation of Privilege Vulnerability CVE-2020-0759 High
Microsoft Edge and ChakraCore Scripting Engine Memory Corruption Vulnerability CVE-2020-0767 Critical
Windows 10 Windows Graphics Component Elevation of Privilege Vulnerability CVE-2020-0792 High

 

Keep your 2020 cyber hygiene resolutions, register to attend our Patch Tuesday webinar this Wednesday. Join Jay Goodman on Wednesday, February 12th, at 12:00 pm EST for Automox's Automating Patch Tuesday Webinar. Even if you can't make it, we'll send you a recording to watch at your leisure. Sign up below!

Register Now!

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure. 

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

Get Instant Updates on Vulnerabilities

Subscribe to receive Automox vulnerability alerts

Reduce your threat surface by up to 80%

Make all of your corporate infrastructure more resilient by automating the basics of cyber hygiene.

Take 15 days to raise your security confidence!
Start a Free Trial