If you’re computer took forever to reboot, here’s why. Microsoft rolled out patches for a whopping 129 vulnerabilities in June’s Patch Tuesday. The patches covered vulnerabilities in Windows 10, Office, Microsoft Edge, and other Microsoft software. It marked the 4th month in a row that MS released patches for more than 110 CVEs. MS has already patched 616 CVEs – and it’s only June!
One patch in particular, CVE-2020-1299 in Windows 10, stands out from the rest as it could allow remote code execution when a .LNK file, which is a shortcut or “link”, is processed. If an attacker were to embed a malicious shortcut in a removable drive or remote share and convince a user to open it, then the malicious binary will be able to execute code.
Here’s the full list.
CVE | Title | Severity | Public | Exploited | XI – Latest | XI – Older | Type |
CVE-2020-1248 | GDI+ Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2020-1299 | LNK Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2020-1219 | Microsoft Browser Memory Corruption Vulnerability | Critical | No | No | 1 | 1 | RCE |
CVE-2020-1181 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2020-1073 | Scripting Engine Memory Corruption Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2020-1213 | VBScript Remote Code Execution Vulnerability | Critical | No | No | 1 | 1 | RCE |
CVE-2020-1216 | VBScript Remote Code Execution Vulnerability | Critical | No | No | 1 | 1 | RCE |
CVE-2020-1260 | VBScript Remote Code Execution Vulnerability | Critical | No | No | 1 | 1 | RCE |
CVE-2020-1281 | Windows OLE Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2020-1300 | Windows Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2020-1286 | Windows Shell Remote Code Execution Vulnerability | Critical | No | No | 2 | 2 | RCE |
CVE-2020-1311 | Component Object Model Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1211 | Connected Devices Platform Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1120 | Connected User Experiences and Telemetry Service Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
CVE-2020-1244 | Connected User Experiences and Telemetry Service Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
CVE-2020-1202 | Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1203 | Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1257 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1278 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1293 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1317 | Group Policy Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1315 | Internet Explorer Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1208 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2020-1236 | Jet Database Engine Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2020-1232 | Media Foundation Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1238 | Media Foundation Memory Corruption Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2020-1239 | Media Foundation Memory Corruption Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2020-1329 | Microsoft Bing Search Spoofing Vulnerability | Important | No | No | 2 | 2 | Spoof |
CVE-2020-1220 | Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability | Important | No | No | 2 | 2 | Spoof |
CVE-2020-1242 | Microsoft Edge Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1225 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2020-1226 | Microsoft Excel Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2020-1160 | Microsoft Graphics Component Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1321 | Microsoft Office Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |
CVE-2020-1177 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2020-1183 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2020-1297 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2020-1298 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2020-1318 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2020-1320 | Microsoft Office SharePoint XSS Vulnerability | Important | No | No | 2 | 2 | XSS |
CVE-2020-1229 | Microsoft Outlook Security Feature Bypass Vulnerability | Important | No | No | 2 | 2 | SFB |
CVE-2020-1322 | Microsoft Project Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1295 | Microsoft SharePoint Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1178 | Microsoft SharePoint Server Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1148 | Microsoft SharePoint Spoofing Vulnerability | Important | No | No | 2 | 2 | Spoof |
CVE-2020-1289 | Microsoft SharePoint Spoofing Vulnerability | Important | No | No | 2 | 2 | Spoof |
CVE-2020-1222 | Microsoft Store Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1309 | Microsoft Store Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1163 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1170 | Microsoft Windows Defender Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1340 | NuGetGallery Spoofing Vulnerability | Important | No | No | 2 | 2 | Spoof |
CVE-2020-1212 | OLE Automation Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1292 | OpenSSH for Windows Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1323 | SharePoint Open Redirect Vulnerability | Important | No | No | 2 | 2 | Spoof |
CVE-2020-1331 | System Center Spoofing Vulnerability | Important | No | No | 2 | 2 | Spoof |
CVE-2020-1327 | Team Foundation Server HTML Injection Vulnerability | Important | No | No | 2 | 2 | Spoof |
CVE-2020-1214 | VBScript Remote Code Execution Vulnerability | Important | No | No | 1 | 1 | RCE |
CVE-2020-1215 | VBScript Remote Code Execution Vulnerability | Important | No | No | 1 | 1 | RCE |
CVE-2020-1230 | VBScript Remote Code Execution Vulnerability | Important | No | No | 1 | 1 | RCE |
CVE-2020-1343 | Visual Studio Code Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1207 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2020-1247 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2020-1251 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2020-1253 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 1 | 1 | EoP |
CVE-2020-1258 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1310 | Win32k Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1290 | Win32k Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1255 | Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1271 | Windows Backup Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1280 | Windows Bluetooth Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1283 | Windows Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
CVE-2020-1296 | Windows Diagnostics & feedback Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1162 | Windows Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1324 | Windows Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1234 | Windows Error Reporting Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1261 | Windows Error Reporting Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1263 | Windows Error Reporting Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1197 | Windows Error Reporting Manager Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1199 | Windows Feedback Hub Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-0915 | Windows GDI Elevation of Privilege Vulnerability | Important | No* | No | 2 | 2 | EoP |
CVE-2020-0916 | Windows GDI Elevation of Privilege Vulnerability | Important | No* | No | 2 | 2 | EoP |
CVE-2020-1348 | Windows GDI Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1259 | Windows Host Guardian Service Security Feature Bypass Vulnerability | Important | No | No | 2 | 2 | SFB |
CVE-2020-1272 | Windows Installer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1277 | Windows Installer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1302 | Windows Installer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1312 | Windows Installer Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-0986 | Windows Kernel Elevation of Privilege Vulnerability | Important | No* | No | 2 | 2 | EoP |
CVE-2020-1237 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1246 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1262 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1264 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1266 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1269 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1273 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1274 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1275 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1276 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1307 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1316 | Windows Kernel Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1241 | Windows Kernel Security Feature Bypass Vulnerability | Important | No | No | 1 | 1 | SFB |
CVE-2020-1279 | Windows Lockscreen Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1204 | Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1254 | Windows Modules Installer Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1291 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1209 | Windows Network List Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1201 | Windows Now Playing Session Manager Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1196 | Windows Print Configuration Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1194 | Windows Registry Denial of Service Vulnerability | Important | No | No | 2 | 2 | DoS |
CVE-2020-1231 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1233 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1235 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1265 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1282 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1304 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1306 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1334 | Windows Runtime Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1217 | Windows Runtime Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1268 | Windows Service Information Disclosure Vulnerability | Important | No | No | 2 | 2 | Info |
CVE-2020-1301 | Windows SMB Remote Code Execution Vulnerability | Important | No | No | 1 | 1 | RCE |
CVE-2020-1284 | Windows SMBv3 Client/Server Denial of Service Vulnerability | Important | No | No | 1 | 1 | DoS |
CVE-2020-1206 | Windows SMBv3 Client/Server Information Disclosure Vulnerability | Important | No | No | 1 | 1 | Info |
CVE-2020-1305 | Windows State Repository Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1314 | Windows Text Service Framework Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1313 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1287 | Windows WalletService Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1294 | Windows WalletService Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1270 | Windows WLAN Service Elevation of Privilege Vulnerability | Important | No | No | 2 | 2 | EoP |
CVE-2020-1223 | Word for Android Remote Code Execution Vulnerability | Important | No | No | 2 | 2 | RCE |