Microsoft’s monthly scheduled updates are out for this month. The November Patch Tuesday is specifically important since Microsoft has fixed a publicly known zero-day under active exploit.
Windows Kernel Zero-Day Finally Fixed
Earlier this month, the Google Project Zero team disclosed a serious zero-day vulnerability affecting Windows systems. The bug (CVE-2020-17087) specifically resided in the Windows Kernel.
When exploited together with a Chrome zero-day (CVE-2020-15999) could allow an adversary to gain elevated privileges on the target device and execute codes.
Google had already fixed the Chrome zero-day. They also reported the Windows bug to Microsoft. However, a patch wasn’t available, yet, Microsoft confirmed to release it with Patch Tuesday.
Hence, the recent update bundle includes a fix for this under-attack vulnerability CVE-2020-17087.
Microsoft has marked it as an important-severity bug that had a low attack complexity and required no user interaction for exploitation.
Other November Patch Tuesday Updates From Microsoft
Apart from the zero-day, Microsoft has patched 111 other security vulnerabilities as well, releasing a total of 11 patches this month.
These include 17 critical severity vulnerabilities. All of them leading to remote code execution, except CVE-2020-16988 that resulted in privilege escalation.
Besides, the patches include fixes for 92 important severity vulnerabilities affecting different products. All of these could lead to different consequences when exploited, such as spoofing, privilege escalation, information disclosure, cross-site scripting, remote code execution, and more.
Although, keeping the devices updated with the latest software versions is always important to prevent potential security issues. However, the November Patch Tuesday from Microsoft needs immediate attention given the active exploitation of the Windows Kernel bug. On top of that, the bug is publicly known for at least two weeks, further increasing the probabilities of exploitation.
All Windows users must ensure they update their systems now.