SELECTED BY THE TALOS SECURITY INTELLIGENCE AND RESEARCH GROUP
Title: Microsoft discloses 111 vulnerabilities as part of monthly security update
Description: Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 111 vulnerabilities. Fifteen of the flaws Microsoft disclosed are considered critical. There are also 95 "important" vulnerabilities and six low- and moderate-severity vulnerabilities each. This month's security update also covers security issues in a variety of Microsoft services and software, including SharePoint, Media Foundation and the Chakra scripting engine.
Snort SIDs: 53916 - 53919, 53924 - 53933, 53940, 53941, 53950, 53951
Title: Adobe releases fixes for 36 vulnerabilities, 12 of which are critical
Description: Adobe disclosed 36 vulnerabilities this week in Acrobat, Reader and DNG. Twelve of the bugs are considered critical. Specifically, in Acrobat, there are six different vulnerabilities that could allow an adversary to execute arbitrary code on the victim machine. The DNG Software Development Kit also contains four heap overflow issues (CVE-2020-9589, CVE-2020-9590 , CVE-2020-9620, CVE-2020-9621) that can all lead to remote code execution attacks.
Snort SIDs: 53563, 53564, 53485, 53486