December 2020 Monthly Patch Release

Published on 09 Dec 2020

Updated on 09 Dec 2020

Microsoft has released security patches to address multiple vulnerabilities in their software and products.

The vulnerabilities that have been classified as Critical in severity are listed in the table below.

For the full list of security patches released by Microsoft, please refer to https://portal.msrc.microsoft.com/en-us/security-guidance/releasenotedetail/2020-Dec

CRITICAL VULNERABILITIES
CVE Number Vulnerability Base Score Reference
CVE-2020-17142 Microsoft Exchange Remote Code Execution Vulnerability 9.1 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17142
CVE-2020-17132 Microsoft Exchange Remote Code Execution Vulnerability 9.1 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17132
CVE-2020-17121 Microsoft SharePoint Remote Code Execution Vulnerability 8.8 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17121
CVE-2020-17158 Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability 8.8 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17158
CVE-2020-17152 Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability 8.8 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17152
CVE-2020-17095 Hyper-V Remote Code Execution Vulnerability 8.5 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17095
CVE-2020-17118 Microsoft SharePoint Remote Code Execution Vulnerability 8.1 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17118
CVE-2020-17117 Microsoft Exchange Remote Code Execution Vulnerability 6.6 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17117
CVE-2020-17131 Chakra Scripting Engine Memory Corruption Vulnerability 4.2 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17131