Subscribe Us


A few hours after today's release of security updates to five of Adobe's widely used software, the February 2020 patch edition was also released by Microsoft on Tuesday. According to the advisories, 12 of the total problems identified this month by the tech giant are critical and 87 of them are minor.At the time of release five of the vulnerabilities are identified, four of which are critical (CVE-2020-0674) and one are also listed as active incidents.

Once Microsoft released a warning last month without implementing a fix on millions of its affected users, Microsoft warned about this flaw in the internet explorer.

As explained earlier, a remote attacker could run arbitrary code on target computers and take complete control of them by persuading victims to open a malicious web page on the vulnerable Microsoft browser. The critical RCE flaw (CVE-2020-0662) that an attacker with a domain user account can use for executing arbitrary code on a targeted system with high permissions is included in every supported version of Microsoft Windows.

The remote desktop client contains two crucial issues which are no worm bugs but can be used to compromise compromised systems associated with a malicious server. Such problems are reported as CVE-2020-0681 and CVE-20 20-0734.

An attacker needs to access a server and then compel a user to connect to it to exploit this vulnerability. An attacker would not be able to force a user to connect to the wrong server; they would have to make the user connect via social technology, DNS poisoning or the MITM technique.

There is another critical vulnerabilities (CVE-2020-0729) that exist in Microsoft Windows operating system's parsing of shortcuts to LNK which can be used successfully to enable a remote attacker to execute arbitrary code on the affected system and take full control over it. The attackers can also compromise a legitimate server, hosts malicious code and wait until the user connects.
A removable or distant drive that contains a malicious. LNK file and a related malicious binary could be given by an attacker to the user. The malicious binary executes code on the destination device when the user opens this drive (or remote share) in Windows Explorer or any other program that parsees the. LLNK script. "The advisory says.

In addition, most critical issues include memory malfunction in IE, Edge browser, and Chakra scripting engine, where a remote, unauthenticated intruder could also execute arbitrary code on a targeted system in the current user context.There is a primary safety bypass problem (CVE-2020-0689), which poses a major security threat to users. According to Microsoft, the secure boot feature contains a backdoor, which could prevent an attacker from overloading it and loading unconfidence applications.

The most recent updates also contain patches for multiple vulnerabilities that could cause low-privileged attackers to run arbitrary code in kernel mode. This could affect the Windows operating system versions. It is highly recommended that users and system managers use the latest security patches so that cyber criminals and hackers can keep control over their computers as quickly as possible. You can go to Settings — listed below in Update & Security — listed below in Windows Update — listed on your computer to install latest security updates or install these updates by hand.

Post a Comment

Previous Post Next Post