• Редакција
  • Приватност
  • Услови за користење
  • Маркетинг
  • Контакт
Tech News, Magazine & Review WordPress Theme 2017
  • Насловна
    • Зошто ИТ-Безбедност.мк?
  • Хакерски Новости
    • Хакерски Напади
    • Сајбер Криминал
    • Ранливости
    • Малвери/Закани
  • Туторијали и Алатки
  • Кариера
  • Контакт
No Result
View All Result
  • Насловна
    • Зошто ИТ-Безбедност.мк?
  • Хакерски Новости
    • Хакерски Напади
    • Сајбер Криминал
    • Ранливости
    • Малвери/Закани
  • Туторијали и Алатки
  • Кариера
  • Контакт
No Result
View All Result
ИТ Безбедност
No Result
View All Result

August 2020 Patch Tuesday – 120 Vulnerabilities, 17 Critical, Media Foundation, Windows Codecs, Workstation, Adobe

Филип Симеонов by Филип Симеонов
септември 1, 2020
Home Малвери/Закани
Share on FacebookShare on Twitter

This month’s Microsoft Patch Tuesday addresses 120 vulnerabilities with 17 of them labeled as Critical. The 17 Critical vulnerabilities cover Media Foundation, .NET Framework, Browsers, Scripting Engines, Office, Outlook, Windows Codecs and several other workstation vulnerabilities. Adobe released patches today for Acrobat/Reader, and Lightroom.

Workstation Patches

Today’s patch Tuesday fixes many vulnerabilities that would impact workstations. The Office, Outlook, Windows Codecs, and Media Foundation vulnerabilities should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.

Windows Spoofing Vulnerability

While listed as Important, there is an Actively Attacked spoofing vulnerability vulnerability (CVE-2020-1464) in Microsoft Windows. An attacker could exploit these vulnerabilities to take control of an affected system. This patch should be prioritized across all Windows devices.

Scripting Engine Memory Corruption Vulnerability

There is also an Actively Attacked memory corruption vulnerability (CVE-2020-1380) in the Scripting Engine. Often memory corruption vulnerabilities are “chained” with other vulnerabilities resulting in a full system compromise. This patch should be prioritized for scripting engines.

Windows Codecs Library RCE

Microsoft has patched 3 vulnerabilities (CVE-2020-1560, CVE-2020-1574, CVE-2020-1585) in Windows Codecs that would allow an attacker to obtain information to further compromise the user’s system. Microsoft notes that exploitation of this vulnerability is less likely, but these patches should still be prioritized for Windows Codecs Library.

Windows Media RCE

Microsoft patched a vulnerability (CVE-2020-1339) in Windows Media. Exploitation requires that a user opens a specially crafted document or webpage and could take complete control of the system. These patches should be prioritized for Windows Media installations.

Media Foundation Memory Corruption

Microsoft also released patches for 6 memory corruption vulnerabilities in Media Foundation (CVE-2020-1525, CVE-2020-1379, CVE-2020-1477, CVE-2020-1478, CVE-2020-1492, CVE-2020-1554). Exploiting the vulnerability would require the user to open a malicious file, and would grant the attacker the same rights as the user. All Media Foundation installations should be prioritized for patching.

Adobe

Adobe issued patches today covering multiple vulnerabilities in Acrobat/Reader, andLightroom. The patches for Acrobat/Reader are labeled as Priority 2, while the remaining patches are set to Priority 3.

While none of the vulnerabilities disclosed in Adobe’s release are known to be Actively Attacked today, all patches should be prioritized on systems with these products installed.

About Patch Tuesday

Patch Tuesday QIDs are published at Security Alerts, typically late in the evening of Patch Tuesday.

Филип Симеонов

Филип Симеонов

Next Post
Зошто ИТ-Безбедност.мк?

Russian citizen arrested in the United States on charges of organizing a cyber crime

Препорачани.

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

септември 3, 2020
Hackers are exploiting a critical flaw affecting >350,000 WordPress sites

Hackers are exploiting a critical flaw affecting >350,000 WordPress sites

септември 3, 2020

Популарно.

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

New Web-Based Credit Card Stealer Uses Telegram Messenger to Exfiltrate Data

септември 3, 2020
Global DDoS Extorters Demand Ransom from Firms

Global DDoS Extorters Demand Ransom from Firms

септември 3, 2020
Зошто ИТ-Безбедност.мк?

Russian citizen arrested in the United States on charges of organizing a cyber crime

септември 1, 2020
Iranian Hackers Pose as Journalists to Trick Victims Into Installing Malware

Iranian Hackers Pose as Journalists to Trick Victims Into Installing Malware

септември 3, 2020
Ризикот од користење на ZOOM апликацијата во банкарскиот сектор

Ризикот од користење на ZOOM апликацијата во банкарскиот сектор

септември 1, 2020
ИТ Безбедност

Специјализирано место во кое можеш да дознаеш за сите новости и информации поврзани со Сајбер Безбедност и хакирањето.

Следете не

  • Редакција
  • Приватност
  • Услови за користење
  • Маркетинг
  • Контакт

© 2020 ИТ-Безбедност. Сите права се задржани.

No Result
View All Result
  • Home

© 2020 ИТ-Безбедност. Сите права се задржани.