New Search

Windows Runtime Information Disclosure Vulnerability - CVE-2020-1217

oval:org.cisecurity:def:7763

An information disclosure vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could read memory that was freed and might run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulnerability by correcting the way the Windows Runtime handles objects in memory.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows 10
  • Microsoft Windows Server 2019
Class:
vulnerability
Reference(s):
  • CVE-2020-1217
  • MSRC-CVE-2020-1217
  • KB4561602
  • KB4561621
  • KB4561608
  • KB4560960
Product(s):