2 matches found
CVE-2020-1025
CVE-2020-1025 affects Microsoft SharePoint Server and Skype for Business Server. The vulnerability is an elevation of privilege caused by improper OAuth token validation, enabling an attacker to bypass authentication by modifying the token. The published fixes modify how tokens are validated to a...
Microsoft Tackles 123 Fixes for July Patch Tuesday
A critical DNS bug and a publicly known elevation-of-privilege flaw top Microsoft’s July Patch Tuesday list of 123 fixes. The DNS flaw is a remote code-execution bug and is touted as one of the most critical Windows vulnerabilities released this year, earning the highest-severity CVSS score of 10...