Security News > 2020 > August > Microsoft Patches Actively Exploited Windows, IE Vulnerabilities
2020-08-11 18:49
Microsoft has addressed 120 vulnerabilities with its August 2020 Patch Tuesday updates, including a Windows spoofing bug and a remote code execution flaw in Internet Explorer that have been exploited in attacks.
The Windows spoofing vulnerability, tracked as CVE-2020-1464, is related to Windows incorrectly validating file signatures.
Many versions of Windows are affected, including Windows 7 and Windows Server 2008, for which support has ended.
Microsoft says it's aware of exploitation attempts against both the latest and older versions of Windows.
"This brings the total number of Microsoft patches released this year to 862 - 11 more patches than Microsoft shipped in all of 2019," Childs said.
News URL
Related news
- Microsoft to start force-upgrading Windows 22H2 systems next month (source)
- Microsoft fixes Windows Smart App Control zero-day exploited since 2018 (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
- Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws (source)
- Microsoft rolls out Office LTSC 2024 for Windows and Mac (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Microsoft may have revealed Windows 11 24H2 is coming this month (source)
- Microsoft ends development of Windows Server Update Services (WSUS) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-1464 | Improper Verification of Cryptographic Signature vulnerability in Microsoft products A spoofing vulnerability exists when Windows incorrectly validates file signatures. | 7.8 |