Microsoft Issued a Fix for Zero-Day Six Months Ago but It Didn’t Work

From hotforsecurity.bitdefender.com

Microsoft fixed a zero-day vulnerability in June 2020, but the company did a poor job. Security researchers from Google’s Project Zero showed that attackers could still use the zero-day, despite the patch.

Since zero-day exploits are a serious matter, most of the time, companies quickly release a patch. The June 2020 patch for Windows 8.1 and 10 covered the zero-day CVE-2020-0986 vulnerability, or at least that was the plan.

Read more…