Toggle light / dark theme

Microsoft Put Off Fixing Zero Day for 2 Years

Posted in cybercrime/malcode

Microsoft Put Off Fixing Zero Day for 2 Years — Krebs on Security.


A security flaw in the way Microsoft Windows guards users against malicious files was actively exploited in malware attacks for two years before last week, when Microsoft finally issued a software update to correct the problem.

One of the 120 security holes Microsoft fixed on Aug. 11’s Patch Tuesday was CVE-2020–1464, a problem with the way every supported version of Windows validates digital signatures for computer programs.

Leave a Reply