Security News > 2020 > August > Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products.
Play a video file - thanks to flaws in Microsoft Media Foundation and Windows Codecs.
Listen to audio - thanks to bugs affecting Windows Media Audio Codec.
The vulnerability, tracked as CVE-2020-1380, was spotted by Kaspersky Labs and has been rated critical because Internet Explorer remains an important component of Windows as it still comes installed by default in the latest Windows.
The second zero-day vulnerability-tracked as CVE-2020-1464 and under active exploitation-is a Windows spoofing bug that exists when Windows incorrectly validates file signatures.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/ofaOLOH3dJk/microsoft-software-patches.html
Related news
- Microsoft lifts Windows 11 24H2 block on PCs with USB scanners (source)
- Microsoft says Auto HDR causes game freezes on Windows 11 24H2 (source)
- Microsoft adds another problem to the Windows 11 24H2 naughty list (source)
- Microsoft may have scrapped Windows 11's dynamic wallpapers feature (source)
- Microsoft to force install new Outlook on Windows 10 PCs in February (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Microsoft fixes actively exploited Windows Hyper-V zero-day flaws (source)
- Microsoft ends support for Office apps on Windows 10 in October (source)
- Microsoft expands testing of Windows 11 admin protection feature (source)
- Microsoft starts force upgrading Windows 11 22H2, 23H3 devices (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-1380 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. | 0.0 |
| 2020-08-17 | CVE-2020-1464 | Improper Verification of Cryptographic Signature vulnerability in Microsoft products A spoofing vulnerability exists when Windows incorrectly validates file signatures. | 0.0 |