Published: 16/10/2020 Updated: 20/10/2020
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8
Vector: AV:L/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

Microsoft Windows could allow a remote malicious user to conduct spoofing attacks, caused by the incorrect validation of file signatures. By persuading a victim to open a specially crafted file, an attacker could exploit this vulnerability to bypass security features and load improperly signed files.

Vulnerability Trend

Recent Articles

Microsoft fixes Windows certificate spoofing bug abusing CAT files
BleepingComputer • Ax Sharma • 14 Oct 2020

Microsoft's October 2020 Patch Tuesday fixed 87 security bugs, one of which is an "Important" Windows Spoofing Vulnerability that abuses CAT files.
The vulnerability enables attackers to create "polyglot malware," which merges different file types, to spoof digital signatures.