We know that Windows 10 is constantly being updated with bug fixes and new functionality from time to time. However, some of the updates that come in are more important than others. And now we are facing one of those moments in which we must update Windows 10 as soon as possible. According to Microsoft, August 2020 patch for Windows 10 fixes no less than 120 vulnerabilities, two of them zero-day.
Microsoft released the August 2020 security updates on Tuesday, but they will progressively reach users in all countries. This month the company patched 120 vulnerabilities in 13 different products, from Edge to Windows and from SQL Server to .NET Framework.
Among the 120 vulnerabilities solved we find 17 errors that have received the rating of “Critical”, in addition to two vulnerabilities of the Zero Day calls. Precisely these vulnerabilities were exploited by hackers before Microsoft could provide the patches to fix them.
Day Zero Vulnerability 1
The first of the two zero-day vulnerabilities that have been fixed is a bug known as CVE-2020-1464. According to Microsoft, a hacker can exploit this bug and cause Windows incorrectly validate file signatures.
According to those responsible for Windows, attackers could use this vulnerability to “bypass security functions and upload incorrectly signed files.”
Day Zero Vulnerability 2
As for the second Zero Day vulnerability, this is known as CVE-2020-1380 and resides in the scripting engine that ships with Internet Explorer.
Microsoft has reported that it received a report from the antivirus manufacturer Kaspersky informing them that some hackers had found a remote code execution error (RCE) in the IE scripting engine and were using it to carry out attacks.
While the error resides in IE’s scripting engine, other native Microsoft applications are also affected, such as the Microsoft Office suite. This is because Office applications use the IE scripting engine to embed and render web pages within Office documents, a role in which the scripting engine plays an important role. This means that the bug can be exploited to lure users to malicious sites or by sending them Office files with dangerous traps.
Along with these two major bugs, Microsoft has fixed a host of minor bugs and fixed some system problems. So now you know, if you use Windows 10 it is advisable that you install the security update for August 2020 as soon as possible.
Other news about … Windows 10