Microsoft Addresses RCE and spoofing vulnerability (11th August 2020)

Description

Microsoft has published security advisories, highlighting two vulnerabilities (CVE—2020-1380 and CVE-2020-1464) on August 11th, 2020. CVE—2020-1380 is a remote code execution vulnerability affecting Internet Explorer 11 (IE11) and CVE-2020-1464 is a spoofing vulnerability affecting multiple Windows products. It is recommended that you take the necessary precautions by ensuring your products are always updated.

  • CVE—2020-1380
  • CVE-2020-1464

For more information on the Microsoft updates you can follow these URLs:

CVE-2020-1380:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380

CVE-2020-1464:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464 

The Guyana National CIRT recommends that users and administrators review these guidelines and to apply them where necessary.

References

  • Microsoft Addresses RCE and spoofing vulnerability (August 11th, 2020). Retrieved from US-Cert

            https://us-cert.cisa.gov/ncas/current-activity/2020/08/11/microsoft-addresses-rce-and-spoofing-vulnerabilities-under-active

  • CVE-2020-1380 | Scripting Engine Memory Corruption Vulnerability (August 11th, 2020). Retrieved from Microsoft

            https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380

  • CVE-2020-1464 | Windows Spoofing Vulnerability (August 11th, 2020). Retrieved from Microsoft

             https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464