Yesterday marked the release of the May 2020 edition of Microsoft Patch Tuesday.
This important update patched 111 security vulnerabilities pertaining to programs as well as the operating system itself, of which 16 are labelled as “critical”, with the rest being labelled as “important”.
Reportedly, none of the security issues addressed were labelled as public exploits.
First, we have remote code execution flaws that were present in Windows Media Foundation and Microsoft Color Management.
These required a user opening a malicious attachment or clicking through to a malicious website, which tends to involve some level of trickery on the attacker’s end.
According to the company’s Exploitability Index assessment, the chances of malicious actors exploiting these is “less likely”.
Then, there are three Elevation of Privilege vulnerabilities that were also addressed: a pair of flaws in Win32k and one in Windows Graphics Component.
An Elevation of Privilege vulnerability allows an attacker to execute code on the target system.
Microsoft believes that a malicious actor is more likely to capitalise on them.
In the May 2020 release of Patch Tuesday, at least 56 of these types of fixes are included.
Adobe also put out several updates for its products.
For instance, Adobe Acrobat and Adobe Reader were both patched in an update that included two dozen important and critical vulnerability patches.
Although many updates in the current Patch Tuesday also apply to Windows 7, this operating system is no longer supported, meaning that you should not expect any security updates for it.
Bear in mind that it is good practice to back up your most important files prior to applying the updates.
Although a manual copy and paste is always an option, Windows 10 provides built-in tools to facilitate the process.