The August batch of Patch Tuesday updates includes 120 updates for the Microsoft suite, with 17 fixes rated as Critical, and the remaining 103 ranked as Important. CVE-2020-1380 is a critical Internet Explorer (IE) vulnerability that can be abused for remote code execution (RCE), while CVE-2020-1464 is a Windows 10 security gap that can be used for spoofing.
Administrators are advised to update their systems as soon as possible as both flaws have been found being exploited in the wild. The Zero Day Initiative (ZDI) disclosed 11 flaws, five of which are critical bugs that disclosed RCE vulnerabilities, while the remaining six are rated as important vulnerabilities that can be abused to gain escalation of privileges, RCE, information disclosure, and spoofing.
Source: Trend Micro