February 2020 Threat Intelligence (CRITICAL ALERT)
This month’s updates include 99 vulnerabilities (13 critical), making this Microsoft’s biggest Patch Tuesday to date! This month’s security release highlights a fix for CVE-2020-0674, a zero-day vulnerability in Internet Explorer that is being actively exploited. All users are advised to install these security updates as soon as possible to protect themselves from these security risks.
Get full information on this month’s patches.
Last month, Microsoft issued an advisory warning that attackers were exploiting a previously unknown flaw in IE. That vulnerability, assigned as CVE-2020-0674, has been patched with this month’s release. It could be used to install malware just by getting a user to browse to a malicious or hacked website.
Another flaw fixed this month in Microsoft Exchange 2010 through 2019 requires some attention. The bug could allow attackers to exploit the Exchange Server and execute arbitrary code by sending a specially crafted email. This vulnerability (CVE-2020-0688) is rated “important” rather than “critical,” but is deemed potentially dangerous, as Microsoft identifies this as a vulnerability that is likely to be exploited.
Other than that, nothing is out of the ordinary to highlight. Microsoft’s patches are just bulkier this month than ever, but no earth-shattering bug needs to be addressed with haste, like in previous months. Patch Tuesday updates are delivered in bulk, so accepting this month’s fixes will automatically install patches for all 99 security flaws simultaneously.
Security vulnerabilities are hackers’ low-hanging fruit. Patching is essential to keeping your information safe. It is also good practice to back up your system or data before applying any updates.