As part of its Patch Tuesday release on August 11, 2020, Microsoft included a zero day vulnerability that went unfixed for several years. This vulnerability, CVE-2020-1464 and dubbed “GlueBall”, could allow an attacker to bypass security features built into Windows to validate file signatures, ultimately allowing an attacker to run improperly signed binaries on a system. This spoofing vulnerability was first seen in the wild being used by malware in August 2018, when several researchers notified Microsoft of the problem. It is recommended that the MS20-AUG patch be applied immediately as it will correct how Windows validates file signatures.
“GlueBall” Microsoft Windows Spoofing Vulnerability – Expert Source
Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics