Security News > 2020 > August > Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked

Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
2020-08-12 05:35

Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products.

Play a video file - thanks to flaws in Microsoft Media Foundation and Windows Codecs.

Listen to audio - thanks to bugs affecting Windows Media Audio Codec.

The vulnerability, tracked as CVE-2020-1380, was spotted by Kaspersky Labs and has been rated critical because Internet Explorer remains an important component of Windows as it still comes installed by default in the latest Windows.

The second zero-day vulnerability-tracked as CVE-2020-1464 and under active exploitation-is a Windows spoofing bug that exists when Windows incorrectly validates file signatures.


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/ofaOLOH3dJk/microsoft-software-patches.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2020-08-17 CVE-2020-1380 Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer.
local
low complexity
microsoft CWE-787
7.8
7.8
2020-08-17 CVE-2020-1464 Improper Verification of Cryptographic Signature vulnerability in Microsoft products
A spoofing vulnerability exists when Windows incorrectly validates file signatures.
local
low complexity
microsoft CWE-347
7.8
7.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Microsoft 480 75 2308 5128 264 7775