Microsoft today released 87 patches – 11 of them critical – and a slew of RCE vulnerabilities while Adobe released patches for Adobe Flash Player across multiple platforms today.

This marks the first time since February that Microsoft patched fewer than 100 CVEs. Leading the pack this month from Microsoft are a TCP/IP-related flaw and a vulnerability in Windows RDP.

Satnam Narang, staff research engineer at Tenable, said the most critical vulnerability released by Microsoft is CVE-2020-16898, a remote code execution vulnerability in the Windows TCP/IP stack. Dubbed “Bad Neighbor” by researchers at McAfee, Narang said the flaw occurs because Windows TCP/IP stack does not properly handle ICMPv6 Router Advertisement packets.

Please register to continue.

Already registered? Log in.

Once you register, you'll receive:

  • News analysis

    The context and insight you need to stay abreast of the most important developments in cybersecurity. CISO and practitioner perspectives; strategy and tactics; solutions and innovation; policy and regulation.

  • Archives

    Unlimited access to nearly 20 years of SC Media industry analysis and news-you-can-use.

  • Daily Newswire

    SC Media’s essential morning briefing for cybersecurity professionals.

  • Learning Express

    One-click access to our extensive program of virtual events, with convenient calendar reminders and ability to earn CISSP credits.