Don't miss a single vulnerability this Patch Tuesday. The latest patches and updates from Microsoft and multiple third-party applications can be found in August's Patch Tuesday Index below. Ensure you're minimizing your attack surface by joining our Automating Patch Tuesday Webinar this Wednesday. Patch Tuesday expert Richard Melick will give recommended remediation strategies for current vulnerabilities and exploits (plus a chance to win a Raspberry Pi).
Microsoft has released 120 vulnerabilities, 17 of which are deemed Critical. There is one zero-day, CVE-2020-1380, and one publicly disclosed vulnerability, CVE-2020-1464.
Adobe released updates for Lightroom, Acrobat, and Reader in August. We've also included updates from Mozilla and Adobe that were released between last month's Patch Tuesday and this one.
Updated Live. Last Update 1:13 PM EST August 11 2020.
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Adobe Lightroom | 1 Security Vulnerability fixed in Adobe Lightroom | APSB20-51 | High |
Adobe Acrobat and Reader | 26 Security Vulnerabilities fixed in Adobe Acrobat and Reader | APSB20-48 | High |
Adobe Reader Mobile | 1 Security Vulnerability fixed in Adobe Reader Mobile | APSB20-50 | High |
Magento | 4 Security Vulnerabilities fixed in Magento | APSB20-47 | High |
Adobe Prelude | 4 Security Vulnerabilities fixed in Adobe Prelude | APSB20-46 | Medium |
Adobe Photoshop | 5 Security Vulnerabilities fixed in Adobe Photoshop | APSB20-45 | Medium |
Adobe Bridge | 3 Security Vulnerabilities fixed in Adobe Bridge | APSB20-44 | Medium |
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Firefox | 10 Security Vulnerabilities fixed in Firefox 79 | MFSA 2020-30 | High |
Firefox ESR | 6 Security Vulnerabilities fixed in Firefox ESR 68.11 | MFSA 2020-31 | High |
Firefox ESR | 10 Security Vulnerabilities fixed in Firefox ESR 78.1 | MFSA 2020-32 | High |
Thunderbird | 10 Security Vulnerabilities fixed in Thunderbird 78.1 | MFSA 2020-33 | High |
Firefox for iOS | 3 Security Vulnerabilities fixed in Firefox for iOS 28 | MFSA 2020-34 | High |
Thunderbird | 4 Security Vulnerabilities fixed in Thunderbird 68.11 | MFSA 2020-35 | High |
![]() |
|||
Product |
Title
|
Identifier
|
Severity
|
Microsoft Scripting Engine | Scripting Engine Memory Corruption Vulnerability | CVE-2020-1380 | Critical Zero-Day |
.NET Framework | .NET Framework Remote Code Execution Vulnerability | CVE-2020-1046 | Critical |
Internet Explorer | MSHTML Engine Remote Code Execution Vulnerability | CVE-2020-1567 | Critical |
Microsoft Edge | Microsoft Edge PDF Remote Code Execution Vulnerability | CVE-2020-1568 | Critical |
Microsoft Office | Microsoft Outlook Memory Corruption Vulnerability | CVE-2020-1483 | Critical |
Microsoft Scripting Engine | Scripting Engine Memory Corruption Vulnerability | CVE-2020-1555 | Critical |
Microsoft Scripting Engine | Scripting Engine Memory Corruption Vulnerability | CVE-2020-1570 | Critical |
Microsoft Video Control | Media Foundation Memory Corruption Vulnerability | CVE-2020-1492 | Critical |
Microsoft Windows Codecs Library | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | CVE-2020-1560 | Critical |
Microsoft Windows Codecs Library | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | CVE-2020-1574 | Critical |
Microsoft Windows Codecs Library | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | CVE-2020-1585 | Critical |
Netlogon | NetLogon Elevation of Privilege Vulnerability | CVE-2020-1472 | Critical |
Windows Media | Media Foundation Memory Corruption Vulnerability | CVE-2020-1525 | Critical |
Windows Media | Windows Media Remote Code Execution Vulnerability | CVE-2020-1339 | Critical |
Windows Media | Media Foundation Memory Corruption Vulnerability | CVE-2020-1379 | Critical |
Windows Media | Media Foundation Memory Corruption Vulnerability | CVE-2020-1554 | Critical |
Windows Media Player | Media Foundation Memory Corruption Vulnerability | CVE-2020-1477 | Critical |
.NET Framework | ASP.NET and .NET Elevation of Privilege Vulnerability | CVE-2020-1476 | High |
ASP.NET | ASP.NET Core Denial of Service Vulnerability | CVE-2020-1597 | High |
Microsoft Dynamics | Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability | CVE-2020-1591 | High |
Microsoft Edge | Microsoft Edge Memory Corruption Vulnerability | CVE-2020-1569 | High |
Microsoft Graphics Component | Microsoft Graphics Components Remote Code Execution Vulnerability | CVE-2020-1562 | High |
Microsoft Graphics Component | Windows GDI Elevation of Privilege Vulnerability | CVE-2020-1529 | High |
Microsoft Graphics Component | DirectWrite Information Disclosure Vulnerability | CVE-2020-1577 | High |
Microsoft Graphics Component | Microsoft Graphics Components Remote Code Execution Vulnerability | CVE-2020-1561 | High |
Microsoft Graphics Component | Win32k Information Disclosure Vulnerability | CVE-2020-1510 | High |
Microsoft JET Database Engine | Jet Database Engine Remote Code Execution Vulnerability | CVE-2020-1473 | High |
Microsoft JET Database Engine | Jet Database Engine Remote Code Execution Vulnerability | CVE-2020-1557 | High |
Microsoft JET Database Engine | Jet Database Engine Remote Code Execution Vulnerability | CVE-2020-1564 | High |
Microsoft JET Database Engine | Jet Database Engine Remote Code Execution Vulnerability | CVE-2020-1558 | High |
Microsoft Office | Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-1495 | High |
Microsoft Office | Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-1504 | High |
Microsoft Office | Microsoft Word Information Disclosure Vulnerability | CVE-2020-1503 | High |
Microsoft Office | Microsoft Word Information Disclosure Vulnerability | CVE-2020-1502 | High |
Microsoft Office | Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-1496 | High |
Microsoft Office | Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-1494 | High |
Microsoft Office | Microsoft Office Remote Code Execution Vulnerability | CVE-2020-1563 | High |
Microsoft Office | Microsoft Word Information Disclosure Vulnerability | CVE-2020-1583 | High |
Microsoft Office | Microsoft Access Remote Code Execution Vulnerability | CVE-2020-1582 | High |
Microsoft Office | Microsoft Office Click-to-Run Elevation of Privilege Vulnerability | CVE-2020-1581 | High |
Microsoft Office | Microsoft Excel Remote Code Execution Vulnerability | CVE-2020-1498 | High |
Microsoft Office | Microsoft Excel Information Disclosure Vulnerability | CVE-2020-1497 | High |
Microsoft Office | Microsoft Outlook Information Disclosure Vulnerability | CVE-2020-1493 | High |
Microsoft Office SharePoint | Microsoft SharePoint Spoofing Vulnerability | CVE-2020-1499 | High |
Microsoft Office SharePoint | Microsoft SharePoint Spoofing Vulnerability | CVE-2020-1501 | High |
Microsoft Office SharePoint | Microsoft SharePoint Spoofing Vulnerability | CVE-2020-1500 | High |
Microsoft Office SharePoint | Microsoft Office SharePoint XSS Vulnerability | CVE-2020-1580 | High |
Microsoft Office SharePoint | Microsoft Office SharePoint XSS Vulnerability | CVE-2020-1573 | High |
Microsoft Office SharePoint | Microsoft SharePoint Information Disclosure Vulnerability | CVE-2020-1505 | High |
Microsoft Windows | Windows Storage Service Elevation of Privilege Vulnerability | CVE-2020-1490 | High |
Microsoft Windows | Windows Kernel Elevation of Privilege Vulnerability | CVE-2020-1486 | High |
Microsoft Windows | Windows Image Acquisition Service Information Disclosure Vulnerability | CVE-2020-1485 | High |
Microsoft Windows | Windows AppX Deployment Extensions Elevation of Privilege Vulnerability | CVE-2020-1488 | High |
Microsoft Windows | Windows CSC Service Elevation of Privilege Vulnerability | CVE-2020-1489 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1551 | High |
Microsoft Windows | Windows State Repository Service Information Disclosure Vulnerability | CVE-2020-1512 | High |
Microsoft Windows | Windows CSC Service Elevation of Privilege Vulnerability | CVE-2020-1513 | High |
Microsoft Windows | Windows Telephony Server Elevation of Privilege Vulnerability | CVE-2020-1515 | High |
Microsoft Windows | Windows Work Folder Service Elevation of Privilege Vulnerability | CVE-2020-1552 | High |
Microsoft Windows | Windows Runtime Elevation of Privilege Vulnerability | CVE-2020-1553 | High |
Microsoft Windows | Windows Kernel Elevation of Privilege Vulnerability | CVE-2020-1566 | High |
Microsoft Windows | Windows Function Discovery SSDP Provider Elevation of Privilege Vulnerability | CVE-2020-1579 | High |
Microsoft Windows | Windows dnsrslvr.dll Elevation of Privilege Vulnerability | CVE-2020-1584 | High |
Microsoft Windows | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | CVE-2020-1587 | High |
Microsoft Windows | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | CVE-2020-1511 | High |
Microsoft Windows | Windows GDI Elevation of Privilege Vulnerability | CVE-2020-1480 | High |
Microsoft Windows | Windows Work Folders Service Elevation of Privilege Vulnerability | CVE-2020-1484 | High |
Microsoft Windows | Windows UPnP Device Host Elevation of Privilege Vulnerability | CVE-2020-1538 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1547 | High |
Microsoft Windows | Windows Radio Manager API Elevation of Privilege Vulnerability | CVE-2020-1528 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1545 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1544 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1543 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1542 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1541 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1540 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1539 | High |
Microsoft Windows | Windows Remote Access Elevation of Privilege Vulnerability | CVE-2020-1537 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1536 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1535 | High |
Microsoft Windows | Windows Backup Service Elevation of Privilege Vulnerability | CVE-2020-1534 | High |
Microsoft Windows | Windows Network Connection Broker Elevation of Privilege Vulnerability | CVE-2020-1526 | High |
Microsoft Windows | Windows Remote Access Elevation of Privilege Vulnerability | CVE-2020-1530 | High |
Microsoft Windows | Windows Font Driver Host Remote Code Execution Vulnerability | CVE-2020-1520 | High |
Microsoft Windows | Windows CDP User Components Elevation of Privilege Vulnerability | CVE-2020-1549 | High |
Microsoft Windows | Windows Backup Engine Elevation of Privilege Vulnerability | CVE-2020-1546 | High |
Microsoft Windows | Windows UPnP Device Host Elevation of Privilege Vulnerability | CVE-2020-1519 | High |
Microsoft Windows | Windows Spoofing Vulnerability | CVE-2020-1464 | High |
Microsoft Windows | Windows Server Resource Management Service Elevation of Privilege Vulnerability | CVE-2020-1475 | High |
Microsoft Windows | Windows Work Folders Service Elevation of Privilege Vulnerability | CVE-2020-1470 | High |
Microsoft Windows | Windows CDP User Components Elevation of Privilege Vulnerability | CVE-2020-1550 | High |
Microsoft Windows | Windows Hard Link Elevation of Privilege Vulnerability | CVE-2020-1467 | High |
Microsoft Windows | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability | CVE-2020-1509 | High |
Microsoft Windows | Windows Custom Protocol Engine Elevation of Privilege Vulnerability | CVE-2020-1527 | High |
Microsoft Windows | Windows Work Folders Service Elevation of Privilege Vulnerability | CVE-2020-1516 | High |
Microsoft Windows | Windows ARM Information Disclosure Vulnerability | CVE-2020-1459 | High |
Microsoft Windows | Windows RRAS Service Information Disclosure Vulnerability | CVE-2020-1383 | High |
Microsoft Windows | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | CVE-2020-1517 | High |
Microsoft Windows | Windows File Server Resource Management Service Elevation of Privilege Vulnerability | CVE-2020-1518 | High |
SQL Server | Microsoft SQL Server Management Studio Denial of Service Vulnerability | CVE-2020-1455 | High |
Visual Studio | Visual Studio Code Remote Code Execution Vulnerability | CVE-2020-0604 | High |
Windows AI | Windows Speech Runtime Elevation of Privilege Vulnerability | CVE-2020-1521 | High |
Windows AI | Windows Speech Runtime Elevation of Privilege Vulnerability | CVE-2020-1522 | High |
Windows AI | Windows Speech Shell Components Elevation of Privilege Vulnerability | CVE-2020-1524 | High |
Windows COM | Windows Image Acquisition Service Information Disclosure Vulnerability | CVE-2020-1474 | High |
Windows Kernel | Windows Kernel Information Disclosure Vulnerability | CVE-2020-1578 | High |
Windows Kernel | Windows Kernel Elevation of Privilege Vulnerability | CVE-2020-1417 | High |
Windows Kernel | DirectX Elevation of Privilege Vulnerability | CVE-2020-1479 | High |
Windows Media | Media Foundation Information Disclosure Vulnerability | CVE-2020-1487 | High |
Windows Media Player | Media Foundation Memory Corruption Vulnerability | CVE-2020-1478 | High |
Windows Print Spooler Components | Windows Print Spooler Elevation of Privilege Vulnerability | CVE-2020-1337 | High |
Windows RDP | Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability | CVE-2020-1466 | High |
Windows Registry | Windows Registry Elevation of Privilege Vulnerability | CVE-2020-1378 | High |
Windows Registry | Windows Registry Elevation of Privilege Vulnerability | CVE-2020-1377 | High |
Windows Shell | Windows Elevation of Privilege Vulnerability | CVE-2020-1565 | High |
Windows Shell | Windows Accounts Control Elevation of Privilege Vulnerability | CVE-2020-1531 | High |
Windows Update Stack | Windows 10 Update Assistant Elevation of Privilege Vulnerability | CVE-2020-1571 | High |
Windows Update Stack | Windows WaasMedic Service Information Disclosure Vulnerability | CVE-2020-1548 | High |
Windows WalletService | Windows WalletService Elevation of Privilege Vulnerability | CVE-2020-1556 | High |
Windows WalletService | Windows WalletService Elevation of Privilege Vulnerability | CVE-2020-1533 | High |
About Automox
Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.
Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.
Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.