New Search

Windows Host Guardian Service Security Feature Bypass Vulnerability - CVE-2020-1259

oval:org.cisecurity:def:7793

A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged. An attacker who successfully exploited the vulnerability could tamper with the log file. In an attack scenario an attacker can change existing event log types to a type the parsers do not interpret allowing an attacker to append their own hash without triggering an alert. The update addresses the vulnerability by correcting how Windows Host Guardian Service handles logging of the measured boot hash.

Family:
windows
Status:
ACCEPTED
Platform(s):
  • Microsoft Windows Server 2019
  • Microsoft Windows Server 2016
  • Microsoft Windows 10
Class:
vulnerability
Reference(s):
  • CVE-2020-1259
  • MSRC-CVE-2020-1259
  • KB4561649
  • KB4561616
  • KB4561602
  • KB4561621
  • KB4561608
  • KB4560960
Product(s):