![](/style/images/good.png)
![](/style/images/bad.png)
CVE-2020-1302 - Security Update Guide - Microsoft - Windows Installer Elevation...
source link: https://msrc.microsoft.com/update-guide/en-us/vulnerability/CVE-2020-1302
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
-
- Customer Guidance
-
-
Released: 06/09/2020
Please see Common Vulnerability Scoring System for more information on the definition of these metrics.
Executive Summary
An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.
To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an attacker could run arbitrary code with elevated privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The security update addresses the vulnerability by correcting the way Windows Installer handles certain filesystem operations.
Exploitability
Acknowledgements
- Abdelhamid Naceri (halov)
Security Updates
Disclaimer
Revisions
Information published.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK