No fewer than 17 flaws have received a critical flag

Aug 12, 2020 05:46 GMT

Microsoft’s August 2020 Patch Tuesday cycle includes fixes for no fewer than 120 security vulnerabilities in its products, of which a total of 17 have been given a critical severity rating. The remaining 103 are all considered to be important.

While this is a massive Patch Tuesday rollout, there are two security vulnerabilities that need to be prioritized, as they are already being exploited in the wild.

The first of them is CVE-2020-1380, a remote code execution vulnerability that impacts Internet Explorer 11 and therefore exposes all operating systems where it’s installed, including Windows 10.

“The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights,” Microsoft says.

An attacker could technically exploit the flaw using a crafted website that would include malicious ActiveX controls or Microsoft Office documents.

Publicly disclosed Windows vulnerability

The second flaw that’s currently being exploited is detailed in CVE-2020-1464 and is a spoofing vulnerability affecting Windows operating systems.

“A spoofing vulnerability exists when Windows incorrectly validates file signatures. An attacker who successfully exploited this vulnerability could bypass security features and load improperly signed files. In an attack scenario, an attacker could bypass security features intended to prevent improperly signed files from being loaded,” Microsoft says.

This time, the issue has been publicly disclosed, and Microsoft says it’s already seeing attacks happening in the wild.

Needless to say, patching is recommended as soon as possible. System reboots will be required on all endpoints, so make sure all work is saved before update deployment starts.