Microsoft has recently announced that its November 2020 patch has addressed over 110 vulnerabilities. This includes a critical Windows issue – which Google Project Zero disclosed after it was found to be exploited in cyber-attacks.
The Windows vulnerability has been tracked as CVE-2020-17087. It is a local privilege escalation flaw and associated with the Windows Kernel Cryptography Driver.
Read More: Cyber-attacks and Disruptive Events Spike amid COVID-19
The important-rated vulnerabilities have been impacting Windows, Azure Sphere, Dynamics 365, browsers, Office, Visual Studio, SharePoint, and more. They can be exploited for DoS attacks, spoofing attacks, privilege escalation for obtaining data.
Source: securityweek