Security News > 2020 > August > Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked
Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products.
Play a video file - thanks to flaws in Microsoft Media Foundation and Windows Codecs.
Listen to audio - thanks to bugs affecting Windows Media Audio Codec.
The vulnerability, tracked as CVE-2020-1380, was spotted by Kaspersky Labs and has been rated critical because Internet Explorer remains an important component of Windows as it still comes installed by default in the latest Windows.
The second zero-day vulnerability-tracked as CVE-2020-1464 and under active exploitation-is a Windows spoofing bug that exists when Windows incorrectly validates file signatures.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/ofaOLOH3dJk/microsoft-software-patches.html
Related news
- Microsoft: Windows 11 22H2 reaches end of support in 60 days (source)
- Microsoft is killing the Windows Paint 3D app after 8 years (source)
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- Microsoft retires Windows updates causing 0x80070643 errors (source)
- Microsoft removes FAT32 partition size limit in Windows 11 (source)
- Microsoft to rollout Windows Recall to Insiders in October (source)
- Microsoft to roll out Windows Recall to Insiders in October (source)
- Microsoft: August updates cause Windows Server boot issues, freezes (source)
- Microsoft Delays Recall Launch for Windows Insider Members Until October (source)
- Microsoft is trying to reduce Windows 11's desktop spotlight clutter (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-08-17 | CVE-2020-1380 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. | 7.8 |
| 2020-08-17 | CVE-2020-1464 | Improper Verification of Cryptographic Signature vulnerability in Microsoft products A spoofing vulnerability exists when Windows incorrectly validates file signatures. | 7.8 |