Lucene search

qualysblogAnimesh JainQUALYSBLOG:448FF9823134BB757F9B4F865B148EBC
HistoryNov 10, 2020 - 8:52 p.m.

November 2020 Patch Tuesday – 112 Vulnerabilities, 17 Critical, Windows Codecs, Network File System, Workstation, Adobe

Animesh Jain





This month’s Microsoft Patch Tuesday addresses 112 vulnerabilities with 17 of them labeled as Critical. The 17 Critical vulnerabilities cover Windows Codecs, Network File System, Sharepoint, Windows Print Spooler, and several other workstation vulnerabilities. Adobe released patches today for Adobe Connect and Adobe Reader for Android.

Workstation Patches

The Windows Codecs, GDI+, Browser, Office and Exchange Server vulnerabilities should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.

SharePoint RCE

Microsoft patched six vulnerabilities in SharePoint, and one of them could lead to Remote Code Execution (CVE-2020-17061). Three of these vulnerabilities (CVE-2020-17016, CVE-2020-17015, CVE-2020-17060) involve spoofing vulnerabilities, and two (CVE-2020-16979, CVE-2020-17017) involve information disclosure vulnerabilities. The remaining one (CVE-2020-17061) is a remote code execution vulnerability. Because of this, it is highly recommended to prioritize these patches across all SharePoint deployments.

Windows Kernel Privilege Escalation

While listed as Important, there is an Actively Attacked vulnerability (CVE-2020-17087) in Microsoft Windows. This privilege escalation vulnerability was publicly disclosed by Google in late October. According to Google’s Project Zero security researchers Mateusz Jurczyk and Sergei Glazunov, the bug allows an attacker to escalate their privileges in Windows. This patch should be prioritized across all Windows devices.

Windows Network File System RCE

Microsoft fixed a vulnerability in Network File System (NFS) (CVE-2020-17051). This CVE received a CVSS score of 9.8 with low attack complexity without any user interaction. This has a potential of wormable and should be prioritized.

Print Spooler RCE

Microsoft also patched a Remote Code Execution vulnerability in Print Spooler (CVE-2020-17042), which would lead to elevation of privileges. The exploit requires user interaction but has a low attack complexity which makes it more likely to be compromised. This patch should be prioritized.


Adobe issued patches today covering multiple vulnerabilities in Reader for Android and Adobe Connect. The patches for Reader and Connect are labeled as Priority 3.

While none of the vulnerabilities disclosed in Adobe’s release are known to be Actively Attacked today, all patches should be prioritized on systems with these products installed.

About Patch Tuesday

Patch Tuesday QIDs are published at Security Alerts, typically late in the evening of Patch Tuesday.