Set of patches features an strange “critical” rated elevation of privilege bug
Microsoft has patched a hundred and twenty CVEs for August, which includes 17 labelled crucial and two underneath active assault in the wild. The release provides its patches to 862 so far this year — more than comprehensive-year 2019.
The patches plug vulnerabilities in Windows, Microsoft Scripting Engine, SQL Server, .Net Framework, ASP.Net Main, Business and Business Companies and Net Applications, Microsoft Dynamics and more.
Less than active assault:
CVE-2020-1464 – Windows Spoofing Vulnerability
This spoofing bug permits an attacker to load improperly signed documents, bypassing signature verification.
With a new Windows file signature spoofing vuln (CVE-2020-1464) currently being actively exploited in the wild – review the detection policies you have in place that warn when (what purport to be) Windows method documents behave abnormally. Several illustrations under employing @cortexbypanw & @sansforensics https://t.co/2PwaXnZQLO