HOTTEST
TCL QM7K (2025) <!–> ZDNET’s key takeaways The TCL QM7K (65-inch) is on sale for $899 ($700 off). It has exceptional contrast and superb glare resistance, plus AI features and gaming boosts. The setup process for this beautiful-looking TV is tedious. –> <!–> jun / 2025 Recently, I took a look at this year’s base-level […] More
Sony InZone H9 II <!–> ZDNET’s key takeaways Sony’s InZone H9 II headset is available now for $349. Their 360-degree spatial sound allows for immersive audio (especially for FPS games) while the detachable mic turns them into a great pair of everyday headphones. The black matte texture is a fingerprint magnet. –> Follow ZDNET: Add us […] More
June Wan/ZDNET I’ve been using the Pixel phones since they were first released to the public. From the first phone to the latest, the experience has (for the most part) been exceptional. Also: Every product unveiled at the Made by Google event this week Yes, there was the dreaded Pixel 4 and it’s shamelessly bad battery […] More
Image: ZDNet
Microsoft has released today its monthly batch of security updates known as Patch Tuesday, and this month the OS maker has patched 87 vulnerabilities across a wide range of Microsoft products.
By far, the most dangerous bug patched this month is CVE-2020-16898. Described as a remote code execution (RCE) vulnerability in the Windows TCP/IP stack, this bug can allow attackers to take over Windows systems by sending malicious ICMPv6 Router Advertisement packets to an unpatched computer via a network connection.
The bug was discovered internally by Microsoft engineers, and OS versions vulnerable to CVE-2020-16898 include Windows 10 and Windows Server 2019.
With a severity score of 9.8 out of a maximum of 10, Microsoft considers the bug dangerous and likely to be weaponized, and rightfully so.
Patching the bug is recommended, but workarounds such as disabling disable ICMPv6 RDNSS support also exist, which would allow system administrators to deploy temporary mitigations until they quality-test this month’s security updates for any OS-crashing bugs.
Another bug to keep an eye on is CVE-2020-16947, a remote code execution issue in Outlook. Microsoft says this bug can be exploited by tricking a user “to open a specially crafted file with an affected version of Microsoft Outlook software.”
Below are additional details about today’s Microsoft Patch Tuesday and security updates released by other tech companies:
Microsoft’s official Security Update Guide portal lists all security updates in a filterable table.
ZDNet has published this file listing all this month’s security advisories on one single page.
Adobe’s security updates are detailed here.
SAP security updates are available here.
Intel security updates are available here.
VMWare security updates are available here.
Chrome 86 security updates are detailed here.
Android security updates are available here.
Tag
CVE ID
CVE Title
Adobe Flash Player
ADV200012
October 2020 Adobe Flash Security Update
.NET Framework
CVE-2020-16937
.NET Framework Information Disclosure Vulnerability
Azure
CVE-2020-16995
Network Watcher Agent Virtual Machine Extension for Linux Elevation of Privilege Vulnerability
Azure
CVE-2020-16904
Azure Functions Elevation of Privilege Vulnerability
Group Policy
CVE-2020-16939
Group Policy Elevation of Privilege Vulnerability
Microsoft Dynamics
CVE-2020-16978
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics
CVE-2020-16956
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Microsoft Dynamics
CVE-2020-16943
Dynamics 365 Commerce Elevation of Privilege Vulnerability
Microsoft Exchange Server
CVE-2020-16969
Microsoft Exchange Information Disclosure Vulnerability
Microsoft Graphics Component
CVE-2020-16911
GDI+ Remote Code Execution Vulnerability
Microsoft Graphics Component
CVE-2020-16914
Windows GDI+ Information Disclosure Vulnerability
Microsoft Graphics Component
CVE-2020-16923
Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft Graphics Component
CVE-2020-1167
Microsoft Graphics Components Remote Code Execution Vulnerability
Microsoft NTFS
CVE-2020-16938
Windows Kernel Information Disclosure Vulnerability
Microsoft Office
CVE-2020-16933
Microsoft Word Security Feature Bypass Vulnerability
Microsoft Office
CVE-2020-16929
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office
CVE-2020-16934
Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Microsoft Office
CVE-2020-16932
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office
CVE-2020-16930
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office
CVE-2020-16955
Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Microsoft Office
CVE-2020-16928
Microsoft Office Click-to-Run Elevation of Privilege Vulnerability
Microsoft Office
CVE-2020-16957
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office
CVE-2020-16918
Base3D Remote Code Execution Vulnerability
Microsoft Office
CVE-2020-16949
Microsoft Outlook Denial of Service Vulnerability
Microsoft Office
CVE-2020-16947
Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Office
CVE-2020-16931
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Office
CVE-2020-16954
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office
CVE-2020-17003
Base3D Remote Code Execution Vulnerability
Microsoft Office SharePoint
CVE-2020-16948
Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint
CVE-2020-16953
Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint
CVE-2020-16942
Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint
CVE-2020-16951
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Office SharePoint
CVE-2020-16944
Microsoft SharePoint Reflective XSS Vulnerability
Microsoft Office SharePoint
CVE-2020-16945
Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint
CVE-2020-16946
Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint
CVE-2020-16941
Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint
CVE-2020-16950
Microsoft SharePoint Information Disclosure Vulnerability
Microsoft Office SharePoint
CVE-2020-16952
Microsoft SharePoint Remote Code Execution Vulnerability
Microsoft Windows
CVE-2020-16900
Windows Event System Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16901
Windows Kernel Information Disclosure Vulnerability
Microsoft Windows
CVE-2020-16899
Windows TCP/IP Denial of Service Vulnerability
Microsoft Windows
CVE-2020-16908
Windows Setup Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16909
Windows Error Reporting Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16912
Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16940
Windows – User Profile Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16907
Win32k Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16936
Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16898
Windows TCP/IP Remote Code Execution Vulnerability
Microsoft Windows
CVE-2020-16897
NetBT Information Disclosure Vulnerability
Microsoft Windows
CVE-2020-16895
Windows Error Reporting Manager Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16919
Windows Enterprise App Management Service Information Disclosure Vulnerability
Microsoft Windows
CVE-2020-16921
Windows Text Services Framework Information Disclosure Vulnerability
Microsoft Windows
CVE-2020-16920
Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16972
Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16877
Windows Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16876
Windows Application Compatibility Client Library Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16975
Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16973
Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16974
Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16922
Windows Spoofing Vulnerability
Microsoft Windows
CVE-2020-0764
Windows Storage Services Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16980
Windows iSCSI Target Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-1080
Windows Hyper-V Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16887
Windows Network Connections Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16885
Windows Storage VSP Driver Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16924
Jet Database Engine Remote Code Execution Vulnerability
Microsoft Windows
CVE-2020-16976
Windows Backup Service Elevation of Privilege Vulnerability
Microsoft Windows
CVE-2020-16935
Windows COM Server Elevation of Privilege Vulnerability
Microsoft Windows Codecs Library
CVE-2020-16967
Windows Camera Codec Pack Remote Code Execution Vulnerability
Microsoft Windows Codecs Library
CVE-2020-16968
Windows Camera Codec Pack Remote Code Execution Vulnerability
PowerShellGet
CVE-2020-16886
PowerShellGet Module WDAC Security Feature Bypass Vulnerability
Visual Studio
CVE-2020-16977
Visual Studio Code Python Extension Remote Code Execution Vulnerability
Windows COM
CVE-2020-16916
Windows COM Server Elevation of Privilege Vulnerability
Windows Error Reporting
CVE-2020-16905
Windows Error Reporting Elevation of Privilege Vulnerability
Windows Hyper-V
CVE-2020-16894
Windows NAT Remote Code Execution Vulnerability
Windows Hyper-V
CVE-2020-1243
Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V
CVE-2020-16891
Windows Hyper-V Remote Code Execution Vulnerability
Windows Installer
CVE-2020-16902
Windows Installer Elevation of Privilege Vulnerability
Windows Kernel
CVE-2020-16889
Windows KernelStream Information Disclosure Vulnerability
Windows Kernel
CVE-2020-16892
Windows Image Elevation of Privilege Vulnerability
Windows Kernel
CVE-2020-16913
Win32k Elevation of Privilege Vulnerability
Windows Kernel
CVE-2020-1047
Windows Hyper-V Elevation of Privilege Vulnerability
Windows Kernel
CVE-2020-16910
Windows Security Feature Bypass Vulnerability
Windows Media Player
CVE-2020-16915
Media Foundation Memory Corruption Vulnerability
Windows RDP
CVE-2020-16863
Windows Remote Desktop Service Denial of Service Vulnerability
Windows RDP
CVE-2020-16927
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Windows RDP
CVE-2020-16896
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
Windows Secure Kernel Mode
CVE-2020-16890
Windows Kernel Elevation of Privilege Vulnerability More<!–> Marut Khobtakhob/Getty Images Australia has called out five telcos for sending through bulk SMS that contain scam messages, breaching the country’s anti-scam and public safety rules. The Australian Communications and Media Authority (ACMA) said it had taken action against Message4U, SMS Broadcast, DirectSMS, Esendex Australia, and MessageBird for allowing millions of SMS messages to […] More
Internet of Things
Samsung Spotlights Next-generation IoT Innovations for Retailers at National Retail Federation’s BIG Show 2017
That’s Fantasy! The World’s First Stone Shines And Leads You to The Right Way
LG Pushes Smart Home Appliances To Another Dimension With ‘Deep Learning’ Technology
The Port of Hamburg Embarks on IoT: Air Quality Measurement with Sensors
