Microsoft August 2020 Patch Tuesday fixes 2 zero-days, 120 flaws

by certadmin

Today is Microsoft’s August 2020 Patch Tuesday, and while this is just a typical day for most of you, Windows administrators around the world want to pull their hair out.

With the release of the August 2020 Patch Tuesday security updates, Microsoft has released one advisory for a Windows 10 Servicing Stack Update and fixes for 120 vulnerabilities in Microsoft products.

Of these vulnerabilities, 17 are classified as Critical, and 103 are classified as Important.

This release is the third-largest Patch Tuesday update ever released by Microsoft, with the second-largest being 123 fixes in July 2020, and the largest being issued in June 2020 with 129 fixes.

As these updates fix two zero-day vulnerabilities that have been actively exploited in attacks, users should install these security updates as soon as possible.

For information about the non-security Windows updates, you can read about today’s Windows 10 KB4566782 & KB4565351 cumulative updates.

Two zero-day vulnerabilities used in active attacks

According to Microsoft, two of the vulnerabilities are actively being used in attacks, with one of them publicly disclosed.

The first is “CVE-2020-1380 | Scripting Engine Memory Corruption Vulnerability,” a remote code execution vulnerability in Internet Explorer 11 credited to Boris Larin (Oct0xor) of Kaspersky Lab.

“In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.”

According to Microsoft, this vulnerability is being actively exploited in attacks, and as it can be used in malicious Office documents, it was most likely spotted in phishing campaigns.

The second actively exploited vulnerability is “CVE-2020-1464 | Windows Spoofing Vulnerability,” which allows attackers to spoof other companies when digitally signing an executable.

These spoofed signatures could allow an attacker to “bypass security features intended to prevent improperly signed files from being loaded.”

To read the original article: https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2020-patch-tuesday-fixes-2-zero-days-120-flaws/
