Mudcat Café message #4068042

The Mudcat Café ^TM
Thread #157780 Message #4068042
Posted By: Stilly River Sage
11-Aug-20 - 04:51 PM
Thread Name: Tech: Windows 10-what's happening - updates
Subject: RE: Tech: Windows 10-what's happening with rollout

Heads up! It's Patch Tuesday, and apparently there are a whole bunch of updates.

Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days

Microsoft says attackers have used a Windows zero-day to spoof file signatures and another RCE in the Internet Explorer scripting engine to execute code on users' devices.

Microsoft has started rolling out today the August 2020 Patch Tuesday security updates.

This month, the company has patched 120 vulnerabilities across 13 different products, from Edge to Windows, and from SQL Server to the .NET Framework.

Among the 120 vulnerabilities fixed this month, 17 bugs have received the highest severity rating of "Critical," and there are also two zero-days — vulnerabilities that have been exploited by hackers before Microsoft was able to provide today's patches.

Zero-day #1
The first of the two zero-days patched this month is a bug in the Windows operating system. Tracked as CVE-2020-1464, Microsoft says that an attacker can exploit this bug and have Windows incorrectly validate file signatures.

The OS maker says attackers can (ab)use this bug to "bypass security features and load improperly signed files."

As with all Microsoft security advisories, technical details about the bug and the real-world attacks have not been made public. Microsoft security team uses this approach to prevent other hackers from inferring how and where the vulnerability wors/resides, and prolong the time it takes for other exploits to appear in the wild.

Zero-day #2
As for the second zero-day, this one is tracked as CVE-2020-1380, and resides in the scripting engine that ships with Internet Explorer.

Microsoft said it received a report from antivirus maker Kaspersky that hackers had found a remote code execution (RCE) bug in the IE scripting engine and where abusing it in real-world attacks.

While the bug resides in the IE scripting engine, other native Microsoft apps are also impacted, such as the company's Office suite.

This is because Office apps use the IE scripting engine to embed and render web pages inside Office documents, a feature where the scripting engine plays a major role.

This means the bug can be exploited by luring users on malicious sites, or by sending them booby-trapped Office files.

The rest is at the link, and will be updated with more information when they get it.