Wednesday 11 November 2020
The impact of this issue announcement is critical. Please act accordingly to rectify the issue, as stated below.
Microsoft Windows, Microsoft Office and Microsoft Office Services and Web Apps, Internet Explorer, Microsoft Edge (both EdgeHTML-based and Chromium-based), ChakraCore, Microsoft Exchange Server, Microsoft Dynamics, Microsoft Windows Codecs Library, Azure Sphere, Windows Defender, Microsoft Teams, Azure SDK, Azure DevOps, Visual Studio.
What you need to know:
Microsoft has released security and non-security updates to address bugs, a majority of which are remote code executions in multiple products. Users and administrators are encouraged to review this month’s Patch Tuesday Security Summary and apply the necessary updates.
Actions to be taken:
Review the CVEs fixed in this month’s release, including their information and FAQs. Further steps to take after installing the updates can be seen in this month’s Microsoft Security Updates. (https://msrc.microsoft.com/update-guide/releaseNote/2020-Nov).
Customers running Windows 7, Windows Server 2008 R2, or Windows Server 2008 need to purchase the Extended Security Update to continue receiving updates. (https://support.microsoft.com/en-us/help/4522133/procedure-to-continue-receiving-security-updates)