Microsoft’s Addresses 129 CVEs in September 2020 Patch...

Microsoft’s Addresses 129 CVEs in September 2020 Patch Tuesday

On September 8, Microsoft released its Patch Tuesday Update for September 2020. This month’s release marked the fourth month in a row that Microsoft has patched over 120 CVEs, addressing 129 CVEs this month, including 23 critical-rated vulnerabilities.

For September, Microsoft released patches across a number of products including Microsoft Windows, Microsoft Edge, Microsoft ChakraCore, Internet Explorer, SQL Server, Microsoft JET Database Engine, Microsoft Office and Office Services and Web Apps, Microsoft Dynamics, Visual Studio, Microsoft Exchange Server, ASP.NET, Microsoft OneDrive and Azure DevOps.

A few of the most notable vulnerabilities patched this month include fixes for the following Microsoft SharePoint flaws:

Additionally, Microsoft released a patch CVE-2020-16875, a critical vulnerability in Microsoft Exchange Server.

For more information about the vulnerabilities patched this month, including information on Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

Microsoft’s Addresses 129 CVEs in September 2020 Patch...

Recent Discussions

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Microsoft’s January 2026 Patch Tuesday Addresses 113 CVEs (CVE-2026-20805)

CVE-2025-14847 (MongoBleed): MongoDB Memory Leak Vulnerability Exploited in the Wild

CVE-2025-40602: SonicWall Secure Mobile Access (SMA) 1000 Zero-Day Exploited

Americas

Europe

Asia / Australia