Security News > 2020 > August > Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products.
Play a video file - thanks to flaws in Microsoft Media Foundation and Windows Codecs.
Listen to audio - thanks to bugs affecting Windows Media Audio Codec.
The vulnerability, tracked as CVE-2020-1380, was spotted by Kaspersky Labs and has been rated critical because Internet Explorer remains an important component of Windows as it still comes installed by default in the latest Windows.
The second zero-day vulnerability-tracked as CVE-2020-1464 and under active exploitation-is a Windows spoofing bug that exists when Windows incorrectly validates file signatures.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/ofaOLOH3dJk/microsoft-software-patches.html
Related news
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- Microsoft removes Assassin’s Creed Windows 11 upgrade blocks (source)
- Microsoft fixes Windows Server 2022 bug breaking device boot (source)
- Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch (source)
- Microsoft: January Windows security updates break audio playback (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-1380 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. | 0.0 |
| 2020-08-17 | CVE-2020-1464 | Improper Verification of Cryptographic Signature vulnerability in Microsoft products A spoofing vulnerability exists when Windows incorrectly validates file signatures. | 0.0 |