They are the CVE-2020-1425 and the CVE-2020-1457, and affects Library on several Windows 10 and Windows Server versions. Up to date, there aren’t any alternative mitigating measures.
Eleven were critical, but none of them has been exploited by cybercrime. SecurityAffairs: One was located in the Server Message Block (SMB) protocol, and dubbed SMBleed.
They allow an actor to perform a denial of service (DoS) attack. The first one at local level, the second one by remote. Install the updates to mitigate the risks!
The Cyber Security Experts: The attackers used CVE-2020-11651 and CVE-2020-11652 to install backdoors and cryptominers. More than 6,000 devices could be compromised.
Worcester Polytechnic Institute (WPI) cyber security researchers: affected chips made by Intel and STMicroelectronics. Side-channel attacks could have caused cryptographic keys steal.
A ServiceNow-Ponemon study: Major data breaches continue to dominate, and almost 48% of organizations have had a data breach in past two years. Vulnerability is the main issue.
The platform’s experts discovered the vulnerabilities, then cooperated with the multinational in a good example of companies-vendors Cyber Security Teamwork.
Check Point cyber security experts performed a 50-day experiment with WinAFL. The automatic vulnerability-finding tools use is increasing against cyber threats.