News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Details from Kaspersky on this month’s IE 0day, CVE-2020-1380

    Posted on August 12th, 2020 at 11:39 woody Comment on the AskWoody Lounge

    Boris Larin at Kaspersky has published details on one of the two “OMG! It’s a ZERO-DAY!” security holes plugged yesterday, CVE-2020-1380 – “Scripting Engine Memory Corruption Vulnerability”

    Looks like it’s Internet Explorer-only, JavaScript based, and used in an attack “on a South Korean company.”

    That’s pretty standard fare for Patch Tuesday zero-days. Yep, you have to patch eventually. Yep, if you’re defending state secrets you need to be aware of it. But for most of us it’s no big deal.