SB2020031045 - Multiple vulnerabilities in Windows Error Reporting

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2020-0772)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when Windows Error Reporting improperly handles memory. A local user can use a specially crafted application to trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

2) Information disclosure (CVE-ID: CVE-2020-0775)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to incorrect handling of file operations in Windows Error Reporting. A local user can run a specially crafted application to gain access to sensitive information on the system.

3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-0806)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists in Windows Error Reporting when handling and executing files. A local user can run a specially crafted application to execute arbitrary code on the system with elevated privileges.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0772
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0775
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0806