Microsoft August 2020 Patch Tuesday fixes 120 vulnerabilities, two zero-days

TagCVE IDCVE Title.NET FrameworkCVE-2020-1476ASP.NET and .NET Elevation of Privilege Vulnerability.NET FrameworkCVE-2020-1046.NET Framework Remote Code Execution VulnerabilityASP.NETCVE-2020-1597ASP.NET Core Denial of Service VulnerabilityInternet ExplorerCVE-2020-1567MSHTML Engine Remote Code Execution VulnerabilityMicrosoft DynamicsCVE-2020-1591Microsoft Dynamics 365 (On-Premise) Cross Site Scripting VulnerabilityMicrosoft EdgeCVE-2020-1569Microsoft Edge Memory Corruption VulnerabilityMicrosoft EdgeCVE-2020-1568Microsoft Edge PDF Remote Code Execution VulnerabilityMicrosoft Graphics ComponentCVE-2020-1562Microsoft Graphics Components Remote Code Execution VulnerabilityMicrosoft Graphics ComponentCVE-2020-1577DirectWrite Information Disclosure VulnerabilityMicrosoft Graphics ComponentCVE-2020-1561Microsoft Graphics Components Remote Code Execution VulnerabilityMicrosoft Graphics ComponentCVE-2020-1510Win32k Information Disclosure VulnerabilityMicrosoft Graphics ComponentCVE-2020-1529Windows GDI Elevation of Privilege VulnerabilityMicrosoft JET Database EngineCVE-2020-1473Jet Database Engine Remote Code Execution VulnerabilityMicrosoft JET Database EngineCVE-2020-1558Jet Database Engine Remote Code Execution VulnerabilityMicrosoft JET Database EngineCVE-2020-1557Jet Database Engine Remote Code Execution VulnerabilityMicrosoft JET Database EngineCVE-2020-1564Jet Database Engine Remote Code Execution VulnerabilityMicrosoft OfficeCVE-2020-1483Microsoft Outlook Memory Corruption VulnerabilityMicrosoft OfficeCVE-2020-1504Microsoft Excel Remote Code Execution VulnerabilityMicrosoft OfficeCVE-2020-1503Microsoft Word Information Disclosure VulnerabilityMicrosoft OfficeCVE-2020-1495Microsoft Excel Remote Code Execution VulnerabilityMicrosoft OfficeCVE-2020-1494Microsoft Excel Remote Code Execution VulnerabilityMicrosoft OfficeCVE-2020-1493Microsoft Outlook Information Disclosure VulnerabilityMicrosoft OfficeCVE-2020-1496Microsoft Excel Remote Code Execution VulnerabilityMicrosoft OfficeCVE-2020-1502Microsoft Word Information Disclosure VulnerabilityMicrosoft OfficeCVE-2020-1498Microsoft Excel Remote Code Execution VulnerabilityMicrosoft OfficeCVE-2020-1497Microsoft Excel Information Disclosure VulnerabilityMicrosoft OfficeCVE-2020-1581Microsoft Office Click-to-Run Elevation of Privilege VulnerabilityMicrosoft OfficeCVE-2020-1563Microsoft Office Remote Code Execution VulnerabilityMicrosoft OfficeCVE-2020-1582Microsoft Access Remote Code Execution VulnerabilityMicrosoft OfficeCVE-2020-1583Microsoft Word Information Disclosure VulnerabilityMicrosoft Office SharePointCVE-2020-1505Microsoft SharePoint Information Disclosure VulnerabilityMicrosoft Office SharePointCVE-2020-1573Microsoft Office SharePoint XSS VulnerabilityMicrosoft Office SharePointCVE-2020-1499Microsoft SharePoint Spoofing VulnerabilityMicrosoft Office SharePointCVE-2020-1500Microsoft SharePoint Spoofing VulnerabilityMicrosoft Office SharePointCVE-2020-1580Microsoft Office SharePoint XSS VulnerabilityMicrosoft Office SharePointCVE-2020-1501Microsoft SharePoint Spoofing VulnerabilityMicrosoft Scripting EngineCVE-2020-1570Scripting Engine Memory Corruption VulnerabilityMicrosoft Scripting EngineCVE-2020-1555Scripting Engine Memory Corruption VulnerabilityMicrosoft Scripting EngineCVE-2020-1380Scripting Engine Memory Corruption VulnerabilityMicrosoft Video ControlCVE-2020-1492Media Foundation Memory Corruption VulnerabilityMicrosoft WindowsCVE-2020-1485Windows Image Acquisition Service Information Disclosure VulnerabilityMicrosoft WindowsCVE-2020-1587Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1551Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1484Windows Work Folders Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1489Windows CSC Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1584Windows dnsrslvr.dll Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1486Windows Kernel Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1488Windows AppX Deployment Extensions Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1490Windows Storage Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1515Windows Telephony Server Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1513Windows CSC Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1553Windows Runtime Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1552Windows Work Folder Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1566Windows Kernel Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1579Windows Function Discovery SSDP Provider Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1512Windows State Repository Service Information Disclosure VulnerabilityMicrosoft WindowsCVE-2020-1511Connected User Experiences and Telemetry Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1480Windows GDI Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1542Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1543Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1540Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1541Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1544Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1547Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1519Windows UPnP Device Host Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1545Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1546Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1539Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1528Windows Radio Manager API Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1530Windows Remote Access Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1526Windows Network Connection Broker Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1527Windows Custom Protocol Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1534Windows Backup Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1537Windows Remote Access Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1520Windows Font Driver Host Remote Code Execution VulnerabilityMicrosoft WindowsCVE-2020-1535Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1536Windows Backup Engine Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1470Windows Work Folders Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1509Local Security Authority Subsystem Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1459Windows ARM Information Disclosure VulnerabilityMicrosoft WindowsCVE-2020-1538Windows UPnP Device Host Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1475Windows Server Resource Management Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1464Windows Spoofing VulnerabilityMicrosoft WindowsCVE-2020-1467Windows Hard Link Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1550Windows CDP User Components Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1517Windows File Server Resource Management Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1518Windows File Server Resource Management Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1516Windows Work Folders Service Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1549Windows CDP User Components Elevation of Privilege VulnerabilityMicrosoft WindowsCVE-2020-1383Windows RRAS Service Information Disclosure VulnerabilityMicrosoft Windows Codecs LibraryCVE-2020-1574Microsoft Windows Codecs Library Remote Code Execution VulnerabilityMicrosoft Windows Codecs LibraryCVE-2020-1560Microsoft Windows Codecs Library Remote Code Execution VulnerabilityMicrosoft Windows Codecs LibraryCVE-2020-1585Microsoft Windows Codecs Library Remote Code Execution VulnerabilityNetlogonCVE-2020-1472Netlogon Elevation of Privilege VulnerabilitySQL ServerCVE-2020-1455Microsoft SQL Server Management Studio Denial of Service VulnerabilityVisual StudioCVE-2020-0604Visual Studio Code Remote Code Execution VulnerabilityWindows AICVE-2020-1521Windows Speech Runtime Elevation of Privilege VulnerabilityWindows AICVE-2020-1522Windows Speech Runtime Elevation of Privilege VulnerabilityWindows AICVE-2020-1524Windows Speech Shell Components Elevation of Privilege VulnerabilityWindows COMCVE-2020-1474Windows Image Acquisition Service Information Disclosure VulnerabilityWindows KernelCVE-2020-1578Windows Kernel Information Disclosure VulnerabilityWindows KernelCVE-2020-1417Windows Kernel Elevation of Privilege VulnerabilityWindows KernelCVE-2020-1479DirectX Elevation of Privilege VulnerabilityWindows MediaCVE-2020-1379Media Foundation Memory Corruption VulnerabilityWindows MediaCVE-2020-1554Media Foundation Memory Corruption VulnerabilityWindows MediaCVE-2020-1339Windows Media Remote Code Execution VulnerabilityWindows MediaCVE-2020-1525Media Foundation Memory Corruption VulnerabilityWindows MediaCVE-2020-1487Media Foundation Information Disclosure VulnerabilityWindows Media PlayerCVE-2020-1478Media Foundation Memory Corruption VulnerabilityWindows Media PlayerCVE-2020-1477Media Foundation Memory Corruption VulnerabilityWindows Print Spooler ComponentsCVE-2020-1337Windows Print Spooler Elevation of Privilege VulnerabilityWindows RDPCVE-2020-1466Windows Remote Desktop Gateway (RD Gateway) Denial of Service VulnerabilityWindows RegistryCVE-2020-1377Windows Registry Elevation of Privilege VulnerabilityWindows RegistryCVE-2020-1378Windows Registry Elevation of Privilege VulnerabilityWindows ShellCVE-2020-1565Windows Elevation of Privilege VulnerabilityWindows ShellCVE-2020-1531Windows Accounts Control Elevation of Privilege VulnerabilityWindows Update StackCVE-2020-1571Windows Setup Elevation of Privilege VulnerabilityWindows Update StackCVE-2020-1548Windows WaasMedic Service Information Disclosure VulnerabilityWindows WalletServiceCVE-2020-1556Windows WalletService Elevation of Privilege VulnerabilityWindows WalletServiceCVE-2020-1533Windows WalletService Elevation of Privilege Vulnerability

Source : ZDNet

Huge security flaw in macOS lets hackers steal your passwords

Motorola Moto G (2nd Gen) gets Android Marshmallow update

WhatsApp down on New Year’s Eve: Users worldwide unable to connect as messaging app crashes repeatedly

WhatsApp for Windows Phone update brings starred messages, new camera interface

Microsoft Lumia 950 Dual SIM, Lumia 950 XL Dual SIM Launched in India

Nokia C1 Leak Tips Launch With Android and Windows 10 Mobile

A solar-powered “Lunar” smartwatch seems like a good idea — if it works

TV Service is being killed by Google Fiber; The Company wants to concentrate on High Speed Internet

Google Home now lets you set and manage your reminders

Hacker Steve Lord says Windows Phone is the”hardest nut to crack”

Google Makes Full-Disk Encryption Mandatory for New Android 6.0 Devices

Hike users can now send messages without internet

Social-Analyzer – API And Web App For Analyzing And Finding A Person Profile Across +300 Social Media Websites (Detections Are Updated Regularly)

Six Methods to Create a Secure Password You’ll Actually Remember [INFOGRAPHIC]

Here’s how to kick nazis off your Twitter right now

Twitter CEO promises to crack down on hate, violence and harassment with “more aggressive” rules

Twitter users join 24hr boycott to protest online harassment

Twitter says it may “refine” its policies after reversing position on Blackburn campaign ad

WhatsApp video calling feature, new design leaked

Microsoft Lumia 950 Dual SIM, Lumia 950 XL Dual SIM Launched in India

Flipkart Partners With Google to Launch App-Like Mobile Website

Google Makes Full-Disk Encryption Mandatory for New Android 6.0 Devices

Indian govt to launch its own operating system for official use

Google Makes Website Making Easy With “Material Design Lite” and Free Website Builder

CakeFuzzer – Automatically And Continuously Discover Vulnerabilities In Web Applications Created Based On Specific Frameworks

Mantra – A Tool Used To Hunt Down API Key Leaks In JS Files And Pages

ScrapPY – A Python Utility For Scraping Manuals, Documents, And Other Sensitive PDFs To Generate Wordlists That Can Be Utilized By Offensive Security Tools

Parrot 5.1 – Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Psudohash – Password List Generator That Focuses On Keywords Mutated By Commonly Used Password Creation Patterns

Hoaxshell – An Unconventional Windows Reverse Shell, Currently Undetected By Microsoft Defender And Various Other AV Solutions, Solely Based On Http(S) Traffic

Callisto – An Intelligent Binary Vulnerability Analysis Tool

Surf – Escalate Your SSRF Vulnerabilities On Modern Cloud Environments

LFI-FINDER – Tool Focuses On Detecting Local File Inclusion (LFI) Vulnerabilities

Artemis – APK Infrastructure Investigator

Artemis – A Modular Web Reconnaissance Tool And Vulnerability Scanner

FirebaseExploiter – Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable

Sri Lanka arrests 2 men over Taiwan bank hacking

Here’s the Facebook Hacking Tool that Can Really Hack Accounts, But…

3 Wipro employees arrested for hacking UK firm TalkTalk

Samsung agrees to pay Apple $548 million for copying its iPhone designs

Indian hackers ‘pay back’ Pakistan for 26/11

Boy, 15, arrested in Northern Ireland in connection with TalkTalk hack

Sri Lanka arrests 2 men over Taiwan bank hacking

324,000 Financial Records with CVV Numbers Stolen From A Payment Gateway

Over 800,000 Brazzers User Accounts Hacked

Aryabhatta college of Delhi University (DU) website hacked by Pakistani Hackers

Indian Railways page hacked by Al Qaeda. And this is the message they left for Indian Muslims

JNU’s Website Defaced by Indian Hackers

‘Pokémon Snap’ lives on through ‘Pokémon Go’ photography contest

Desk lamp transforms from notepad into a modern, stylish lamp

Nissan drove a GT-R around a racetrack using a PS4 controller

Razer’s first ever smartphone could be coming next month

Oculus Go solves VR’s two biggest problems

Truly driverless cars could soon be allowed on California’s roads

HTMLSmuggler – HTML Smuggling Generator And Obfuscator For Your Red Team Operations

Dynmx – Signature-based Detection Of Malware Features Based On Windows API Call Sequences

Sekiryu – Comprehensive Toolkit For Ghidra Headless

Callisto – An Intelligent Binary Vulnerability Analysis Tool

SMShell – Send Commands And Receive Responses Over SMS From Mobile Broadband Capable Computers

Surf – Escalate Your SSRF Vulnerabilities On Modern Cloud Environments

Your iPhone will Alert You if You are Being Monitored At Work

Warning! — Linux Mint Website Hacked and ISOs replaced with Backdoored Operating System

WhatsApp down on New Year’s Eve: Users worldwide unable to connect as messaging app crashes repeatedly

WhatsApp video calling feature, new design leaked

Bad Santa! Microsoft Offers — ‘Upgrade now’ or ‘Upgrade tonight’ to Push Windows 10

Samsung agrees to pay Apple $548 million for copying its iPhone designs

Androidqf – (Android Quick Forensics) Helps Quickly Gathering Forensic Evidence From Android Devices, In Order To Identify Potential Traces Of Compromise

FireStorePwn – Firestore Database Vulnerability Scanner Using APKs

LibAFL – Advanced Fuzzing Library – Slot Your Fuzzer Together In Rust! Scales Across Cores And Machines. For Windows, Android, MacOS, Linux, No_Std, …

Cpufetch – Simplistic Yet Fancy CPU Architecture Fetching Tool

Umbrella_android – Digital And Physical Security Advice App

Ghost Framework – An Android Post-Exploitation Framework That Exploits The Android Debug Bridge To R emotely Access An Android Device