Start Here

S
tart your new year off right! We'll be compiling all of January 2020's Patch Tuesday releases in one easy-to-read index. Stay tuned in and ready for the latest patches and updates from Windows, macOS, and third-party applications. We have tracked the patches as they became available to the masses and inserted all releases into the index below to help ensure you are minimizing your attack surface. We will have a breakdown blog released Wednesday.
Updated Live. Last Update 2:02 PM EST Jan. 14 2020.
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Illustrator CC 2019 | Arbitrary Code Execution | CVE-2020-3710 | Critical |
Illustrator CC 2019 | Arbitrary Code Execution | CVE-2020-3711 | Critical |
Illustrator CC 2019 | Arbitrary Code Execution | CVE-2020-3712 | Critical |
Illustrator CC 2019 | Arbitrary Code Execution | CVE-2020-3713 | Critical |
Illustrator CC 2019 | Arbitrary Code Execution | CVE-2020-3714 | Critical |
Adobe Experience Manager | Sensitive Information Disclosure | CVE-2019-16466 | High |
Adobe Experience Manager | Sensitive Information Disclosure | CVE-2019-16467 | High |
Adobe Experience Manager | Sensitive Information Disclosure | CVE-2019-16468 | Medium |
Adobe Experience Manager | Sensitive Information Disclosure | CVE-2019-16469 | High |
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Firefox 72.0.1, Firefox ESR 68.4.1, and Thunderbird 68.4.1 | IonMonkey type confusion with StoreElementHole and FallibleStoreElement | CVE-2019-17026 | Critical |
Thunderbird 68.4.1 | Memory corruption in parent process during new content process initialization on Windows | CVE-2019-17015 | High |
Thunderbird 68.4.1 | Bypass of @namespace CSS sanitization during pasting | CVE-2019-17016 | High |
Thunderbird 68.4.1 | Type Confusion in XPCVariant.cpp | CVE-2019-17017 | High |
Firefox 72 | Windows Keyboard in Private Browsing Mode may retain word suggestions | CVE-2019-17018 | Medium |
Firefox 72 | Python files could be inadvertently executed upon opening a download | CVE-2019-17019 | Medium |
Firefox 72 | Content Security Policy not applied to XSL stylesheets applied to XML documents | CVE-2019-17020 | Medium |
Thunderbird 68.4.1 | Heap address disclosure in parent process during content process initialization on Windows | CVE-2019-17021 | Medium |
Thunderbird 68.4.1 | CSS sanitization does not escape HTML tags | CVE-2019-17022 | Medium |
Firefox 72 | NSS may negotiate TLS 1.2 or below after a TLS 1.3 HelloRetryRequest had been sent | CVE-2019-17023 | Low |
Thunderbird 68.4.1 | Memory safety bugs fixed in Thunderbird 68.4.1 | CVE-2019-17024 | High |
Firefox 72 | Memory safety bugs fixed in Firefox 72 | CVE-2019-17025 | High |
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Windows 10 and Server 2016 and 2019 | Windows CryptoAPI Spoofing Vulnerability | CVE-2020-0601 | High |
ASP.NET Core 2.1, 3.0, 3.1 | ASP.NET Core Denial of Service Vulnerability | CVE-2020-0602 | High |
ASP.NET Core 2.1, 3.0, 3.1 | ASP.NET Core Remote Code Execution Vulnerability | CVE-2020-0603 | Critical |
Microsoft .NET Framework | .NET Framework Remote Code Execution Vulnerability | CVE-2020-0605 | Critical |
Microsoft .NET Framework | .NET Framework Remote Code Execution Vulnerability | CVE-2020-0606 | Critical |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Microsoft Graphics Components Information Disclosure Vulnerability | CVE-2020-0607 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Win32k Information Disclosure Vulnerability | CVE-2020-0608 | High |
Windows Server 2012, 2016, 2019 | Windows Remote Desktop Gateway Remote Code Execution Vulnerability | CVE-2020-0609 | Critical |
Windows Server 2012, 2016, 2019 | Windows Remote Desktop Gateway Remote Code Execution Vulnerability | CVE-2020-0610 | Critical |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Remote Desktop Client Remote Code Execution Vulnerability | CVE-2020-0611 | Critical |
Windows Server 2016 | Windows Remote Desktop Gateway Denial of Service Vulnerability | CVE-2020-0612 | High |
Windows 8, 10 and Server 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0613 | High |
Windows 8, 10 and Server 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0614 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Common Log File System Driver Information Disclosure Vulnerability | CVE-2020-0615 | High |
Windows 10 and Server 2019 | Microsoft Windows Denial of Service Vulnerability | CVE-2020-0616 | High |
Windows 10 and Server 2016, 2019 | Hyper-V Denial of Service Vulnerability | CVE-2020-0617 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Microsoft Cryptographic Services Elevation of Privilege Vulnerability | CVE-2020-0620 | High |
Windows 10 and Server 2019 | Windows Security Feature Bypass Vulnerability | CVE-2020-0621 | High |
Windows 10 and Server 2016, 2019 | Microsoft Graphics Component Information Disclosure Vulnerability | CVE-2020-0622 | High |
Windows 8, 10 and Server 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0623 | High |
Windows 10 | Win32k Elevation of Privilege Vulnerability | CVE-2020-0624 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0625 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0626 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0627 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0628 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0629 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0630 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0631 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0632 | High |
Windows 10 and Server 2016, 2019 | Windows Search Indexer Elevation of Privilege Vulnerability | CVE-2020-0633 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | CVE-2020-0634 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Elevation of Privilege Vulnerability | CVE-2020-0635 | High |
Windows 10 | Windows Subsystem for Linux Elevation of Privilege Vulnerability | CVE-2020-0636 | High |
Windows Server 2008, 2012, 2016, 2019 | Remote Desktop Web Access Information Disclosure Vulnerability | CVE-2020-0637 | High |
Windows 10 and Server 2019 | Update Notification Manager Elevation of Privilege Vulnerability | CVE-2020-0638 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows Common Log File System Driver Information Disclosure Vulnerability | CVE-2020-0639 | High |
Internet Explorer 9, 10, 11 | Internet Explorer Memory Corruption Vulnerability | CVE-2020-0640 | Critical |
Windows 8, 10 and Server 2012, 2016, 2019 | Microsoft Windows Elevation of Privilege Vulnerability | CVE-2020-0641 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Win32k Elevation of Privilege Vulnerability | CVE-2020-0642 | High |
Windows 7, 8, 10 and Server 2008, 2012, 2016, 2019 | Windows GDI+ Information Disclosure Vulnerability | CVE-2020-0643 | High |
Windows 8, 10 and Server 2012, 2016, 2019 | Windows Elevation of Privilege Vulnerability | CVE-2020-0644 | High |
Microsoft .NET Framework | .NET Framework Remote Code Execution Injection Vulnerability | CVE-2020-0646 | Critical |
Office Online Server | Microsoft Office Online Spoofing Vulnerability | CVE-2020-0647 | High |
Microsoft Excel 2010, 2013, 2016, 2019 | Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-0650 | High |
Microsoft Excel 2010, 2013, 2016, 2019 | Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-0651 | High |
Microsoft Office 2010, 2013, 2016, 2019 | Microsoft Office Memory Corruption Vulnerability | CVE-2020-0652 | High |
Office 365 ProPlus | Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-0653 | High |
OneDrive for Android | Microsoft OneDrive for Android Security Feature Bypass Vulnerability | CVE-2020-0654 | High |
Dynamics 365 Field Service v7 series | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | CVE-2020-0656 | High |
See for yourself how Automox can help you manage your remote workforce. No VPN required.
Start your 15-day free trial today.
15-day free trial. No credit card required.
By submitting this form you agree to our terms of service.
Already have an account? Log in