Ref# Microsoft | Date: Aug 12th 2020

---

Description

Microsoft has published security advisories, highlighting two vulnerabilities (CVE2020-1380 and CVE-2020-1464) on August 11th, 2020. CVE2020-1380 is a remote code execution vulnerability affecting Internet Explorer 11 (IE11) and CVE-2020-1464 is a spoofing vulnerability affecting multiple Windows products. It is recommended that you take the necessary precautions by ensuring your products are always updated.

• CVE2020-1380
• CVE-2020-1464

For more information on the Microsoft updates you can follow these URLs:

CVE-2020-1380:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380

CVE-2020-1464:

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464 

The Guyana National CIRT recommends that users and administrators review these guidelines and to apply them where necessary.

References

• Microsoft Addresses RCE and spoofing vulnerability (August 11th, 2020). Retrieved from US-Cert

            https://us-cert.cisa.gov/ncas/current-activity/2020/08/11/microsoft-addresses-rce-and-spoofing-vulnerabilities-under-active

• CVE-2020-1380 | Scripting Engine Memory Corruption Vulnerability (August 11th, 2020). Retrieved from Microsoft

            https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380

• CVE-2020-1464 | Windows Spoofing Vulnerability (August 11th, 2020). Retrieved from Microsoft

             https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464