Microsoft has patched over one hundred twenty (120) vulnerabilities across thirteen (13) of its products as part of its monthly security and non-security update. Two of the addressed flaws have reportedly been exploited in the wild as zero-days, likely as part of a targeted attack.
The first flaw is tracked as CVE-2020-1464, a spoofing vulnerability in the Windows operating system that exists when Windows incorrectly validates file signatures. Successful exploitation would enable attackers to bypass security features and load improperly signed files.
The other flaw is tracked as CVE-2020-1380, a remote code execution vulnerability in Microsoft’s Scripting Engine related to how Internet Explorer handles objects in memory. To exploit the bug, an attacker must lure users into visiting a specially crafted website or send them booby-trapped Office files to view through Internet Explorer. Successful exploitation would enable attackers to execute arbitrary code in the context of the current user. Moreover, if the compromised user has administrative privileges, attackers could perform a variety of actions, including creating accounts with full privileges, accessing and deleting data, and installing malicious programs.
Affected systems:
- Windows 7 to Windows 10
- Windows Server 2008 to 2019
CERT-PH recommends the following actions be taken:
Immediately test and apply the corresponding patches for the affected systems from the latest monthly update published by Microsoft (https://support.microsoft.com/en-ph/help/4563408/august-2020-updates-for-microsoft-office).