At the end of each month we take a look at our patch data to give an overview on the most important security patches that were released during the last 30 days. In November we tracked 235 patches in total.
Below is an overview on the affected software categories:
Microsofts Patch Tuesday in November was heavy on remote code execution vulnerabilities. And again SharePoint was among the main products affected as it got a critical remote code execution bug fixed. But also the core Windows operating system had two severe flaws exposed, one in the kernel leading to privilege escalation and one in the NFS file system that got a straight up 9.8 CVSS score.
Cisco and VMware meanwhile also had to fix several critical vulnerabilties. Among the Cisco patches, three affecting the Cisco Security Manager deserved special attention:
- Cisco Security Manager Path Traversal Vulnerability
- Cisco Security Manager Java Deserialization Vulnerabilities
- Cisco Security Manager Static Credential Vulnerability
Other noteworthy patches in November include:
- F5 Products: BIG-IP TMUI vulnerability CVE-2020-5940
- Drupal: Critical – Remote code execution – SA-CORE-2020-012
If you want a weekly patch summary that is personalized for your software + instant patch alerts have a look at our plans: patchdeck.com/pricing