Security News

US Cyber Command warns Microsoft customers to immediately patch their systems against the critical and remotely exploitable CVE-2020-16898 vulnerability addressed during this month's Patch Tuesday. "Update your Microsoft software now so your system isn't exploited: CVE-2020-16898 in particular should be patched or mitigated immediately, as vulnerable systems could be compromised remotely," US Cyber Command said in a tweet earlier today,.

Microsoft has fixed nearly 90 vulnerabilities with its October 2020 Patch Tuesday updates and while none of them has been exploited in attacks, several of the flaws were publicly disclosed before the patches were released. The publicly disclosed vulnerabilities have been classified as important severity and their exploitation can lead to information disclosure or privilege escalation.

Loosely speaking, if someone can ping your unpatched Windows 10 or Windows Server 2019 computer from theirs, they can probably crash you with this bug. In other words, Windows stack overflows in networking software almost always used to lead to so-called remote code execution exploits, where attackers could trigger the bug from afar with specially crafted network traffic, run code of their own choosing, and thereby inject malware without you even being aware.

Microsoft's Update Tuesday patch dump for October 2020 has delivered security patches that attempt to address 87 CVEs for a dozen Redmond products. According to Microsoft, the Windows TCP/IP stack doesn't properly handle ICMPv6 Router Advertisement packets.

Microsoft has plugged 87 security holes, including critical ones in the Windows TCP/IP stack and Microsoft Outlook and Microsoft 365 Apps for Enterprise. CVE-2020-16898 - A Windows TCP/IP vulnerability that could be remotely exploited by sending a specially crafted ICMPv6 router advertisement to an affected Windows server or client and could allow code execution.

Windows and Mac users running Foxit's popular PhantomPDF reader should update their installations to the latest version after the US CISA cybersecurity agency warned of a handful of high-severity product vulnerabilities. Foxit has published updates for its software in both Windows and Apple Mac formats.

Microsoft says that Windows 10 and Windows Server users will be blocked from installing incorrectly formatted third-party drivers after deploying this month's cumulative updates. Starting with the October 2020 updates, Windows requires DER-encoded PKCS#7 content to be valid and correctly embedded in catalog files.

Today is the second Tuesday of October 2020 and the first batch of security updates or 'B' updates are now available for all supported versions of Windows 10. If you want to grab these updates, check for updates in the Settings and the update will begin installing.

This new Windows 10 feature is especially useful for apps that will run minimized without any user interface showing up on the screen or for those that only start a background task. At the moment, the notification only warns of apps configured to run on startup and listed in the Settings > Apps > Startup apps page as Jen Gentleman, a Senior Community Manager at Microsoft, explained.

The Windows Update client has just been added to the list of living-off-the-land binaries attackers can use to execute malicious code on Windows systems. The WSUS / Windows Update client is a utility located at %windir%system32 that provides users partial control over some of the Windows Update Agent's functionality from the command-line.