Patch-Tuesday-Updates: A repository from Cheroxx

Patch Tuesdays

The latest cybersecurity news on recent current security updates and patches released by Microsoft, Apple, and other vendors

September 2020 security releases

Adobe

Updates for these products:

Adobe InDesign
Adobe Framemaker
Adobe Experience Manager

Summary of vulnerability details:

Arbitrary code execution
Buffer overflow and out of bounds read leading to arbitrary code execution
XSS and arbitrary JavaScript execution in the browser

Critical CVE's

CVE-2020-9727    
CVE-2020-9728    
CVE-2020-9729    
CVE-2020-9730    
CVE-2020-9731 
CVE-2020-9726
CVE-2020-9725
CVE-2020-9732
CVE-2020-9734
CVE-2020-9740
CVE-2020-9741
CVE-2020-9742

Firefox

Updates for these products:

Firefox for Android
Thunderbird
Firefox ESR
Firefox

Vulnerability details:

CVE-2020-15664: Attacker-induced prompt for extension installation 
CVE-2020-15670: Memory safety bugs 
CVE-2020-15663: Downgrade attack on Mozilla Maintenance Service potential for privilege escalation 
CVE-2020-15664: Attacker-induced prompt for extension installation

Microsoft

Updates for this software:

Microsoft Windows
Microsoft Edge Browsers
Microsoft ChakraCore
Internet Explorer
Active Directory
SQL Server
Microsoft JET Database Engine
Microsoft Office and Microsoft Office Services and Web Apps
Microsoft Office SharePoint
Microsoft Dynamics
Visual Studio
Microsoft Exchange Server
SQL Server
ASP.NET
Microsoft OneDrive
Azure DevOps
Windows Hyper-V
Microsoft Graphics Component
Windows Kernel
Microsoft Dynamics