Microsoft fixes Windows certificate spoofing bug abusing CAT files
Microsoft's October 2020 Patch Tuesday fixed 87 security bugs, one of which is an "Important" Windows Spoofing Vulnerability that abuses CAT files.
The flaw allows an attacker to combine a legitimately signed Microsoft Windows Installer package with the attacker's own JAR file into a single encapsulating JAR file, so the signed package and the attacker's archive travel as one file.
"A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files," Microsoft's CVE-2020-16922 advisory states.
In a private Microsoft enterprise security advisory shared with BleepingComputer, Microsoft explains that yesterday's update extends August's CVE-2020-1464 to include Microsoft catalog files, which can also be signed with a digital signature.
"Malware authors have exploited this vulnerability by crafting polyglot malware, combining multiple file types to produce a new merged type. More specifically, they have used validly signed MSI or CAT files from Microsoft and other software publishers, combining them with malicious Java archives and files to take full advantage of the way JAR files are read," the advisory continues.
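The polyglot described above works because a signature verifier inspects the front of the file (the OLE compound document of an MSI, or the PKCS#7 structure of a CAT) while a JAR reader locates the archive from its end-of-central-directory record at the back. A defender can flag files that satisfy both readers at once. The following detector is an added example, not code from the article or from Microsoft; the format magic values are public format facts, and the "signed" MSI and CAT inputs are constructed stand-ins (a header plus padding, with no real signature data) so the script runs offline.

```python
import io
import struct
import zipfile

# Public format constants (not taken from the article).
OLE_CFB_MAGIC = b"\xD0\xCF\x11\xE0\xA1\xB1\x1A\xE1"  # MSI files are OLE compound documents
ZIP_LOCAL_HEADER = b"PK\x03\x04"
ZIP_EOCD = b"PK\x05\x06"
EOCD_FIXED_LEN = 22        # fixed part of the end-of-central-directory record
ZIP_MAX_COMMENT = 0xFFFF   # EOCD may be followed by a comment of up to 64 KiB


def find_eocd(data: bytes):
    """Locate the ZIP end-of-central-directory record by scanning backwards
    from the end of the file, the way JAR/ZIP readers do. Returns None if absent."""
    tail_start = max(0, len(data) - (EOCD_FIXED_LEN + ZIP_MAX_COMMENT))
    idx = data.rfind(ZIP_EOCD, tail_start)
    return idx if idx >= 0 else None


def leading_format(data: bytes) -> str:
    """Classify the file by what a signature verifier sees at offset 0."""
    if data.startswith(OLE_CFB_MAGIC):
        return "msi"
    if data[:1] == b"\x30":   # ASN.1 SEQUENCE: PKCS#7 / .cat files begin this way
        return "pkcs7"
    if data.startswith(ZIP_LOCAL_HEADER):
        return "zip"
    return "unknown"


def classify(data: bytes) -> dict:
    """Report whether the file is a signed-container/JAR polyglot and, if a ZIP
    structure is present, how many bytes of non-ZIP prefix precede it."""
    head = leading_format(data)
    eocd = find_eocd(data)
    info = {"head": head, "trailing_zip": eocd is not None,
            "zip_entries": 0, "zip_prefix_bytes": None, "polyglot": False}
    if eocd is not None:
        # EOCD layout: sig(4) disk(2) cd_disk(2) entries_on_disk(2)
        #              total_entries(2) cd_size(4) cd_offset(4) comment_len(2)
        total_entries, cd_size, cd_offset = struct.unpack("<HII", data[eocd + 10:eocd + 20])
        info["zip_entries"] = total_entries
        # The central directory ends right before the EOCD. If something was
        # prepended to a ready-made JAR, the stored cd_offset is smaller than the
        # real position by exactly the length of that prefix.
        info["zip_prefix_bytes"] = (eocd - cd_size) - cd_offset
        info["polyglot"] = head in ("msi", "pkcs7")
    return info


def build_jar(entry_name: str, payload: bytes) -> bytes:
    """Build a minimal JAR in memory (constructed sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as z:
        z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        z.writestr(entry_name, payload)
    return buf.getvalue()


# Constructed samples: stand-ins for signed containers (header plus padding only;
# no real MSI/CAT content or Authenticode data is reproduced here).
FAKE_MSI = OLE_CFB_MAGIC + b"\x00" * 504          # 512 bytes
FAKE_CAT = b"\x30\x82\x01\x00" + b"\x00" * 256     # 260 bytes
SAMPLE_JAR = build_jar("Hello.class", b"\xca\xfe\xba\xbe")
POLYGLOT_MSI_JAR = FAKE_MSI + SAMPLE_JAR
POLYGLOT_CAT_JAR = FAKE_CAT + SAMPLE_JAR

if __name__ == "__main__":
    for name, blob in [("plain jar", SAMPLE_JAR), ("plain msi", FAKE_MSI),
                       ("msi+jar", POLYGLOT_MSI_JAR), ("cat+jar", POLYGLOT_CAT_JAR)]:
        print(f"{name:10s} -> {classify(blob)}")
```

The `zip_prefix_bytes` value is the useful signal for triage: a well-formed standalone JAR reports 0, while a JAR glued onto a signed container reports the size of that container, which tells an analyst exactly where to carve the two parts apart for separate signature and content inspection.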
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK
---|---|---|---
2020-10-16 | CVE-2020-16922 | Improper Verification of Cryptographic Signature vulnerability in Microsoft products. A spoofing vulnerability exists when Windows incorrectly validates file signatures. | 5.3
2020-08-17 | CVE-2020-1464 | Improper Verification of Cryptographic Signature vulnerability in Microsoft products. A spoofing vulnerability exists when Windows incorrectly validates file signatures. | 7.8