https://www.bleepingcomputer.com/news/security/microsoft-fixes-windows-certificate-spoofing-bug-abusing-cat-files/

Microsoft's October 2020 Patch Tuesday fixed 87 security bugs, one of which is an "Important" Windows Spoofing Vulnerability that abuses CAT files.

The vulnerability enables attackers to create "polyglot malware," which merges different file types, to spoof digital signatures.