{"id":4967,"date":"2020-09-09T23:12:06","date_gmt":"2020-09-09T22:12:06","guid":{"rendered":"https:\/\/www.n-able.com\/?p=4967"},"modified":"2022-06-10T18:16:28","modified_gmt":"2022-06-10T17:16:28","slug":"september-2020-patch-tuesday-higher-count-critical-vulnerabilities","status":"publish","type":"post","link":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities","title":{"rendered":"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities"},"content":{"rendered":"<p>This patch Tuesday release is like the last few\u2014less than 100 vulnerabilities fixed, with a few high severity vulnerabilities, and a mix of operating system and other application vulnerabilities. What\u2019s really eye-catching this month is a group of four vulnerabilities Microsoft released the week before that seem to be part of a chained attack against Exchange servers. If you haven\u2019t already, make sure to patch your Exchange servers as it\u2019s an immediate priority.<\/p>\n<p>All in all, Microsoft fixed 82 vulnerabilities (plus the four from March 2). Ten of them are marked as\u00a0<b>Critical<\/b>, with the rest listed as\u00a0<b>Important<\/b>. Let\u2019s review some details of the Exchange attack, then we\u2019ll review the critical patches and a few others that warrant your attention this month.<\/p>\n<h2>Exchange zero day<\/h2>\n<p>On March 2, Microsoft disclosed and issued fixes for four vulnerabilities:\u00a0<a class=\"ext\" href=\"https:\/\/msrc-blog.microsoft.com\/tag\/cve-2021-26855\/\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26855<\/a>,\u00a0<a class=\"ext\" href=\"https:\/\/msrc-blog.microsoft.com\/tag\/cve-2021-26857\/\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26857<\/a>,\u00a0<a class=\"ext\" href=\"https:\/\/msrc-blog.microsoft.com\/tag\/cve-2021-26858\/\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26858<\/a>, and\u00a0<a class=\"ext\" href=\"https:\/\/msrc-blog.microsoft.com\/tag\/cve-2021-27065\/\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-27065<\/a>. These vulnerabilities were observed in a chained attack executed by Hafnium, a China-attributed APT group, to install web shells and execute code on an Exchange server that had port 443 open and available. A day later, CISA issued an emergency\u00a0<a class=\"ext\" href=\"https:\/\/us-cert.cisa.gov\/ncas\/current-activity\/2021\/03\/03\/cisa-issues-emergency-directive-and-alert-microsoft-exchange\" target=\"_blank\" rel=\"noopener noreferrer\">directive<\/a>\u00a0for all organizations to deploy the patches and to look for any indicators of compromise. At this time,\u00a0 Microsoft has published\u00a0<a class=\"ext\" href=\"https:\/\/www.microsoft.com\/security\/blog\/2021\/03\/02\/hafnium-targeting-exchange-servers\/\" target=\"_blank\" rel=\"noopener noreferrer\">guidance<\/a>\u00a0and\u00a0<a class=\"ext\" href=\"https:\/\/github.com\/microsoft\/CSS-Exchange\/tree\/main\/Security\" target=\"_blank\" rel=\"noopener noreferrer\">scripts<\/a>\u00a0to use to check to see if you have been compromised. Our own Lewis Pope, senior technical product marketing manager, has created some automation manager objects you can use to look for initial evidence that the first vulnerability (CVE-2021-26855) was exploited. You can find the object for N&#8209;central<sup>\u00ae<\/sup><a class=\"ext\" href=\"https:\/\/success.solarwindsmsp.com\/kb\/solarwinds_n-central\/CVE-2021-26855-IOC-N-Central\" target=\"_blank\" rel=\"noopener noreferrer\">here<\/a>\u00a0and for RMM<a class=\"ext\" href=\"https:\/\/success.solarwindsmsp.com\/kb\/solarwinds_rmm\/CVE-2021-26855-IoC-RMM\" target=\"_blank\" rel=\"noopener noreferrer\">\u00a0here<\/a>. If you discover you have been impacted (after applying the patches, of course), the FBI has\u00a0asked\u00a0you to contact them to assist with the investigations. This type of cooperation can help improve cybersecurity efforts and protections in the future.<\/p>\n<h2>Operating systems<\/h2>\n<p>Moving back to patch Tuesday, here are the operating system patches listed as\u00a0<b>Critical<\/b>.<\/p>\n<p><a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26897\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26897<\/a>\u00a0is a\u00a0<b>Windows DNS Server Remote Code Execution Vulnerability\u00a0<\/b>that Microsoft lists as\u00a0<b>Exploitation More Likely<\/b>. This is a low complexity attack that requires no user interaction. This vulnerability affects Server 2008 up to the current versions of Windows Server that have the DNS server role enabled. This vulnerability has a CVSS score of 9.8. According to Microsoft, enabling Secure Zone updates may mitigate the risk, but only applying the patch can fully prevent exploitation.<\/p>\n<p><a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26867\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26867<\/a>\u00a0is titled\u00a0<b>Windows Hyper-V Remote Code Execution Vulnerability.\u00a0<\/b>An attacker could exploit this vulnerability on the Hyper-V client and execute code on the Hyper-V server with no user interaction. While this has a high CVSS score of 9.9, Microsoft has listed this one as\u00a0<b>Exploitation Less Likely<\/b>. You should note Microsoft states that Hyper-V is only vulnerable if it\u2019s using the Plan 9 file system.<\/p>\n<p>The next critical patches are a trio of fixes for a\u00a0<b>HEVC Video Extensions Remote Code Execution Vulnerability.\u00a0<\/b><a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-27061\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-27061<\/a>,\u00a0<a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-24089\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-24089<\/a>, and\u00a0<a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26902\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26902<\/a>\u00a0have the same description and details. They\u2019re found in the HEVC video extensions used by apps from the Windows Store. Microsoft lists these as\u00a0<b>Exploitation Less Likely<\/b>, and it should be noted that Windows Store apps are self-updating.<\/p>\n<p>The last critical operating system vulnerability is\u00a0<a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26876\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26876<\/a>, an\u00a0<b>OpenType Font Parsing Remote Code Execution Vulnerability.\u00a0<\/b>This CVSS 8.8 vulnerability requires user interaction, such as visiting a malicious website or opening a malicious document and would grant the attacker full control over the target system. This vulnerability affects all supported versions of Windows 10, including Server.<\/p>\n<h2>Browsers<\/h2>\n<p>The lone critical fix in the browser category is an\u00a0<b>Internet Explorer Memory Corruption Vulnerability<\/b>,\u00a0<a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26411\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26411<\/a>. Microsoft lists this as\u00a0<b>Exploitation Detected<\/b>\u00a0and it has a CVSS score of 8.8. It affects Internet Explorer 9, Internet Explorer 11, and the Edge-HTML version of Microsoft Edge.<\/p>\n<p>On March 4, Microsoft published a list of 33 CVE numbers that are fixed in the most recent version of their Chromium-based Microsoft Edge. They were fixed in the master Chromium branch, and will be updated automatically\u2014simply ensure you\u2019re running at least version 89.0.774.45 of Edge.<\/p>\n<h2>Other applications<\/h2>\n<p><a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-21300\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-21300<\/a>\u00a0is a remote code execution vulnerability in Git for Visual Studio. It\u2019s a low complexity attack with a CVSS of 8.8 and affects the developer tools on all supported versions of Windows 10 and Server.<\/p>\n<p>Microsoft also released fixes for two vulnerabilities in Azure Sphere for IoT devices. Any device running Azure Sphere services will be automatically updated, so no action is required.<\/p>\n<h2>Important but needs attention<\/h2>\n<p>There are two other vulnerabilities this month with attributes that warrant attention, even if they aren\u2019t listed as critical. First we have\u00a0<a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-26863\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-26863<\/a>, which is a\u00a0<b>Windows Win32k Elevation of Privilege Vulnerability.\u00a0<\/b>While no user interaction is required, you should know that executing this vulnerability requires access to the system, meaning a bad actor would have to use another method to gain a foothold (such as a chained attack). This vulnerability affects all supported versions of Windows 10 up to current, including Server and Core. Microsoft lists this as\u00a0<b>Exploitation More Likely<\/b>.<\/p>\n<p>Finally, we have a\u00a0<b>Microsoft SharePoint Server Remote Code Execution Vulnerability<\/b>,\u00a0<a class=\"ext\" href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-27076\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2021-27076<\/a>. This vulnerability would allow an attacker to create a site on SharePoint and execute arbitrary code. While this is also listed as\u00a0<b>Exploitation More Likely<\/b>, it does require the attacker to have access to credentials that would allow them to create a site on the server.<\/p>\n<h2>Summary<\/h2>\n<p>I cannot stress this enough\u2014if you\u2019re running on-premises Exchange, patching those systems should be your absolute priority today. Once that\u2019s done, run the detection scripts to see if your or your customers\u2019 servers were affected. If they were not, continue with the rest of the priorities. If you detect any indicators of compromise, contact the FBI and consider bringing in security specialists to examine your environments for other indicators that bad actors are present.<\/p>\n<p>For the rest of the patches, I recommend you start by focusing on your DNS servers and any Hyper-V servers. Then turn your attention to workstations to address the elevation of privilege vulnerabilities and the browser vulnerabilities.<\/p>\n<p>As always, stay safe out there!<\/p>\n<p>&nbsp;<\/p>\n<p><em>Gill Langston is head security nerd for SolarWinds MSP. You can follow Gill on Twitter at\u00a0<a class=\"ext\" href=\"https:\/\/twitter.com\/cybersec_nerd\" target=\"_blank\" rel=\"noopener noreferrer\">@cybersec_nerd<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>This patch Tuesday release is like the last few\u2014less than 100 vulnerabilities fixed, with a few high severity vulnerabilities, and a mix of operating system and other application vulnerabilities. What\u2019s&#8230;<\/p>\n","protected":false},"author":27,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"footnotes":""},"class_list":["post-4967","post","type-post","status-publish","format-standard","hentry","topic-head-nerds","topic-patch-management","topic-security"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities - N-able<\/title>\n<meta name=\"description\" content=\"Microsoft fixes 82 vulnerabilities (plus the four from March 2). Ten are marked as Critical, with the rest listed as Important. Gill Langston runs through this month\u2019s updates.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities\" \/>\n<meta property=\"og:locale\" content=\"de_DE\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities - N-able\" \/>\n<meta property=\"og:description\" content=\"Microsoft fixes 82 vulnerabilities (plus the four from March 2). Ten are marked as Critical, with the rest listed as Important. Gill Langston runs through this month\u2019s updates.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities\" \/>\n<meta property=\"og:site_name\" content=\"N-able\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/NableMSP\" \/>\n<meta property=\"article:published_time\" content=\"2020-09-09T22:12:06+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2022-06-10T17:16:28+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Gill Langston\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@Nable\" \/>\n<meta name=\"twitter:site\" content=\"@Nable\" \/>\n<meta name=\"twitter:label1\" content=\"Verfasst von\" \/>\n\t<meta name=\"twitter:data1\" content=\"Gill Langston\" \/>\n\t<meta name=\"twitter:label2\" content=\"Gesch\u00e4tzte Lesezeit\" \/>\n\t<meta name=\"twitter:data2\" content=\"5\u00a0Minuten\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities\"},\"author\":{\"name\":\"Gill Langston\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/ccb02e43837727da6ab962f5357e872a\"},\"headline\":\"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities\",\"datePublished\":\"2020-09-09T23:12:06+01:00\",\"dateModified\":\"2022-06-10T17:16:28+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities\"},\"wordCount\":1043,\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"articleSection\":[\"Head Nerds\",\"Patch Management\",\"Security\"],\"inLanguage\":\"de\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities\",\"url\":\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities\",\"name\":\"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities - N-able\",\"isPartOf\":{\"@id\":\"https:\/\/www.n-able.com\/de#website\"},\"datePublished\":\"2020-09-09T23:12:06+01:00\",\"dateModified\":\"2022-06-10T17:16:28+00:00\",\"description\":\"Microsoft fixes 82 vulnerabilities (plus the four from March 2). Ten are marked as Critical, with the rest listed as Important. Gill Langston runs through this month\u2019s updates.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities#breadcrumb\"},\"inLanguage\":\"de\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Security\",\"item\":\"https:\/\/www.n-able.com\/de\/blog\/category\/security\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.n-able.com\/de#website\",\"url\":\"https:\/\/www.n-able.com\/de\",\"name\":\"N-able\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.n-able.com\/de#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.n-able.com\/de?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"de\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.n-able.com\/de#organization\",\"name\":\"N-able\",\"url\":\"https:\/\/www.n-able.com\/de\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"contentUrl\":\"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg\",\"width\":\"1024\",\"height\":\"1024\",\"caption\":\"N-able\"},\"image\":{\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/NableMSP\",\"https:\/\/x.com\/Nable\",\"https:\/\/www.linkedin.com\/company\/n-able\",\"https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.n-able.com\/de#\/schema\/person\/ccb02e43837727da6ab962f5357e872a\",\"name\":\"Gill Langston\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"de\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g\",\"caption\":\"Gill Langston\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities - N-able","description":"Microsoft fixes 82 vulnerabilities (plus the four from March 2). Ten are marked as Critical, with the rest listed as Important. Gill Langston runs through this month\u2019s updates.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities","og_locale":"de_DE","og_type":"article","og_title":"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities - N-able","og_description":"Microsoft fixes 82 vulnerabilities (plus the four from March 2). Ten are marked as Critical, with the rest listed as Important. Gill Langston runs through this month\u2019s updates.","og_url":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities","og_site_name":"N-able","article_publisher":"https:\/\/www.facebook.com\/NableMSP","article_published_time":"2020-09-09T22:12:06+00:00","article_modified_time":"2022-06-10T17:16:28+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/03\/share-image.jpg","type":"image\/jpeg"}],"author":"Gill Langston","twitter_card":"summary_large_image","twitter_creator":"@Nable","twitter_site":"@Nable","twitter_misc":{"Verfasst von":"Gill Langston","Gesch\u00e4tzte Lesezeit":"5\u00a0Minuten"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities#article","isPartOf":{"@id":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities"},"author":{"name":"Gill Langston","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/ccb02e43837727da6ab962f5357e872a"},"headline":"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities","datePublished":"2020-09-09T23:12:06+01:00","dateModified":"2022-06-10T17:16:28+00:00","mainEntityOfPage":{"@id":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities"},"wordCount":1043,"publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"articleSection":["Head Nerds","Patch Management","Security"],"inLanguage":"de"},{"@type":"WebPage","@id":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities","url":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities","name":"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities - N-able","isPartOf":{"@id":"https:\/\/www.n-able.com\/de#website"},"datePublished":"2020-09-09T23:12:06+01:00","dateModified":"2022-06-10T17:16:28+00:00","description":"Microsoft fixes 82 vulnerabilities (plus the four from March 2). Ten are marked as Critical, with the rest listed as Important. Gill Langston runs through this month\u2019s updates.","breadcrumb":{"@id":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities#breadcrumb"},"inLanguage":"de","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.n-able.com\/de\/blog\/september-2020-patch-tuesday-higher-count-critical-vulnerabilities#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Security","item":"https:\/\/www.n-able.com\/de\/blog\/category\/security"},{"@type":"ListItem","position":2,"name":"September 2020 Patch Tuesday\u2014A Higher Count of Critical Vulnerabilities"}]},{"@type":"WebSite","@id":"https:\/\/www.n-able.com\/de#website","url":"https:\/\/www.n-able.com\/de","name":"N-able","description":"","publisher":{"@id":"https:\/\/www.n-able.com\/de#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.n-able.com\/de?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"de"},{"@type":"Organization","@id":"https:\/\/www.n-able.com\/de#organization","name":"N-able","url":"https:\/\/www.n-able.com\/de","logo":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/","url":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","contentUrl":"https:\/\/www.n-able.com\/wp-content\/uploads\/2021\/02\/logo-n-able-vertical-dark.svg","width":"1024","height":"1024","caption":"N-able"},"image":{"@id":"https:\/\/www.n-able.com\/de#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/NableMSP","https:\/\/x.com\/Nable","https:\/\/www.linkedin.com\/company\/n-able","https:\/\/www.youtube.com\/channel\/UClnp77HHg4aME-S-3fWQhFw"]},{"@type":"Person","@id":"https:\/\/www.n-able.com\/de#\/schema\/person\/ccb02e43837727da6ab962f5357e872a","name":"Gill Langston","image":{"@type":"ImageObject","inLanguage":"de","@id":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/7e3211da194e6f8c74fccea7140d31255418759757a5d157a8eb4fd12fd0f1f2?s=96&d=mm&r=g","caption":"Gill Langston"}}]}},"_links":{"self":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/4967","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/comments?post=4967"}],"version-history":[{"count":0,"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/posts\/4967\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.n-able.com\/de\/wp-json\/wp\/v2\/media?parent=4967"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}