Skip to main content

2020-002: Critical Vulnerabilities for Microsoft Windows, Patch Urgently

If you or your organisation uses any of the affected products, the ACSC recommends that you apply the patches urgently.

What do I do?

The patches for these vulnerabilities are provided by Microsoft as part of the January 2020 Security updates released on 15 January 2020 (AEDT).

Further information

Microsoft Advisory – CVE-2020-0601 - https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0601

Microsoft Advisory – CVE-2020-0609 – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0609

Microsoft Advisory – CVE-2020-0610 - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0610

Microsoft Advisory – CVE-2020-0611 - https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0611

US-CERT Alert AA20-014A - Critical Vulnerabilities in Microsoft Windows Operating Systems - https://www.us-cert.gov/ncas/alerts/aa20-014a

NSA Cyber Security Advisory- Patch Critical Cryptographic Vulnerability in Microsoft Windows Clients and Servers - https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.pdf