Ransomware7-This is a reason why security defense doesn’t work

Microsoft Put Off Fixing Zero Day for 2 Years

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464

https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/

https://blog.virustotal.com/2019/01/distribution-of-malicious-jar-appended.html

https://medium.com/@TalBeerySec/glueball-the-story-of-cve-2020-1464-50091a1f98bd

What does this matter?

1) Attackers can bypass security features(Any antivirus/security endpoint) and load improperly signed files

2)Windows cannot validate file signatures correctly

3)This was first spotted in attacks used in the wild back in August 2018

What is the mitigation

1)Optimizing your IT/Computer with Zero-trust

2)Integrating data protection

Request a free security protection