Two 0-Days Under Active Attack, Among 120 Bugs Patched by Microsoft

kltaylorkltaylor Moderator, Beta Tester Posts: 1,231
1000 Comments 500 Likes 50 Answers 100 Awesomes
✭✭✭✭✭✭

(Source)

One of the two zero-day bugs is rated ‘critical’ and is classified as a remote code-execution bug impacting Microsoft’s Internet Explorer.

Two Microsoft vulnerabilities are under active attack, according the software giant’s August Patch Tuesday Security Updates. Patches for the flaws are available for the bugs, bringing this month’s total number of vulnerabilities to 120.

One of the flaws being exploited in the wild is (CVE-2020-1464), a Windows-spoofing bug tied to the validation of file signatures on Windows 10, 7 8.1 and versions of Windows Server. Rated “important,” the flaw allows an adversary to “bypass security features intended to prevent improperly signed files from being loaded,” Microsoft said.

A second zero-day is a remote code-execution (RCE) bug rated “critical,” which is tied to the Internet Explorer web browser. Tracked as CVE-2020-1380, this is a scripting engine memory-corruption problem. A successful hack gives the attacker same user rights as the current user, the company wrote.

“[The] vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer,” wrote Microsoft. “The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.”


To read the entire article please click on the Source link above.  Please remember to keep your OS updated as much as possible.

"There's a fine line between audacity and idiocy."
-Warden Anastasia Luccio, Captain

Comments

  • MarcMarc Moderator, Beta Tester Posts: 2,156
    100 Answers 1000 Comments 500 Likes 250 Agrees
    ✭✭✭✭✭✭
    Thanks @kltaylor...  guess its time to fire up the old PC and patch it.   :/
    Thats Daphnee, she's a good dog...
  • RobinRobin Administrator, Fing Team Posts: 3,754
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    Thanks @kltaylor Very useful information here.

    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides("Helping Hand"). HAPPY POSTING!!!
  • kltaylorkltaylor Moderator, Beta Tester Posts: 1,231
    1000 Comments 500 Likes 50 Answers 100 Awesomes
    ✭✭✭✭✭✭
    My pleasure guys, sorry for my absence ...
    "There's a fine line between audacity and idiocy."
    -Warden Anastasia Luccio, Captain
    Marc
Sign In or Register to comment.