Security News > 2020 > August > Microsoft Patches Actively Exploited Windows, IE Vulnerabilities

Microsoft Patches Actively Exploited Windows, IE Vulnerabilities
2020-08-11 18:49

Microsoft has addressed 120 vulnerabilities with its August 2020 Patch Tuesday updates, including a Windows spoofing bug and a remote code execution flaw in Internet Explorer that have been exploited in attacks.

The Windows spoofing vulnerability, tracked as CVE-2020-1464, is related to Windows incorrectly validating file signatures.

Many versions of Windows are affected, including Windows 7 and Windows Server 2008, for which support has ended.

Microsoft says it's aware of exploitation attempts against both the latest and older versions of Windows.

"This brings the total number of Microsoft patches released this year to 862 - 11 more patches than Microsoft shipped in all of 2019," Childs said.


News URL

http://feedproxy.google.com/~r/Securityweek/~3/I1k6Ud_c4-E/microsoft-patches-actively-exploited-windows-ie-vulnerabilities

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-08-17 CVE-2020-1464 Improper Verification of Cryptographic Signature vulnerability in Microsoft products
A spoofing vulnerability exists when Windows incorrectly validates file signatures.
local
low complexity
microsoft CWE-347
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5127 264 7774