Microsoft May 2020 Patch Tuesday fixes 111 vulnerabilities

TagCVE IDCVE Title .NET Core CVE-2020-1161 ASP.NET Core Denial of Service Vulnerability .NET Core CVE-2020-1108 .NET Core & .NET Framework Denial of Service Vulnerability .NET Framework CVE-2020-1066 .NET Framework Elevation of Privilege Vulnerability Active Directory CVE-2020-1055 Microsoft Active Directory Federation Services Cross-Site Scripting Vulnerability Common Log File System Driver CVE-2020-1154 Windows Common Log File System Driver Elevation of Privilege Vulnerability Internet Explorer CVE-2020-1092 Internet Explorer Memory Corruption Vulnerability Internet Explorer CVE-2020-1064 MSHTML Engine Remote Code Execution Vulnerability Internet Explorer CVE-2020-1062 Internet Explorer Memory Corruption Vulnerability Internet Explorer CVE-2020-1093 VBScript Remote Code Execution Vulnerability Microsoft Dynamics CVE-2020-1063 Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability Microsoft Edge CVE-2020-1059 Microsoft Edge Spoofing Vulnerability Microsoft Edge CVE-2020-1056 Microsoft Edge Elevation of Privilege Vulnerability Microsoft Edge CVE-2020-1096 Microsoft Edge PDF Remote Code Execution Vulnerability Microsoft Graphics Component CVE-2020-1145 Windows GDI Information Disclosure Vulnerability Microsoft Graphics Component CVE-2020-1135 Windows Graphics Component Elevation of
Read More

Nationwide’s human expertise used to quickly build smart agent amid pandemic

Nationwide Building Society has used its experienced frontline staff to train its digital agent, known as Arti, to answer coronavirus-related questions.

The ramifications of the pandemic has created a spike in customer queries. Covid-19 has hit peoples’ livelihoods and increased demand for information from providers of mortgages and other financial products.

For example, millions of people have applied to have mortgage payments and interest deferred for up to three months, when their earnings were hit as the UK went into lockdown.

Jag Bassi, head of digital propositions at Nationwide Building Society, said the challenge faced by Nationwide during the Covid-19 pandemic is no different to that experienced by all financial services institutions.

“As a large proportion of the population struggle and find themselves in a difficult financial circumstances, to be able to provide payment holidays across all our product ranges became an absolute priority,” he said.

Demand for support came

Read More

Australia served Microsoft nearly 900 data access requests in six months

Under Australian laws such as the Telecommunications (Interception and Access) Act 1979 and the Mutual Assistance in Criminal Matters Act 1987, government authorities can issue foreign companies that operate in Australia, like Microsoft, with requests for data.

“Microsoft responds to demands for non-content data globally from a number of countries including Australia,” Microsoft assistant general counsel, law enforcement and national security Norman Barbosa told the Parliamentary Joint Committee on Intelligence and Security (PJCIS).

“We have local personnel who receive requests for non-content, subscriber records and IP addresses who forward those on to our corporate teams who process them, and we respond to a number of requests from Australian law enforcement officials around the country.”

While Microsoft took on notice what requests fall under each Australian Act, Barbosa said nearly 900 requests were made by Australian government authorities in only six months.

“I don’t have specific data on requests pertaining

Read More

Draft Covid-19 contact tracing legislation proposes formal oversight

Parliament’s Joint Committee on Human Rights has again appealed to health secretary Matt Hancock to address privacy and data protection concerns arising from the government’s Covid-19 contact-tracing app with new legislation, proposing formal oversight from a new digital contact tracing human rights commissioner.

In a letter to Hancock, the committee’s chair Harriet Harman said the Human Rights Committee disagreed with his assessment that primary legislation is not necessary to guarantee privacy in the contact-tracing app.

Harman described the current law as an “unsatisfactory mishmash” that spread across the Data Protection Act of 2018, Article 8 of the European Convention on Human Rights, the European Union (EU) General Data Protection Regulation (GDPR) and established case law on the right to privacy.

“That, as our report last year affirmed, has already proved inadequate to protect the individual from misuse of their data. But the contact tracing app is a more significant

Read More