SB2020041423 - Multiple vulnerabilities in Microsoft Connected User Experiences and Telemetry Service

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-1029)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the Connected User Experiences and Telemetry Service improperly handles file operations. A local user can create a malicious application and run processes in an elevated context.

2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-0942)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the way Windows handles file operations. A local user can create a malicious application, launch it on the system and overwrite files in arbitrary locations with elevated permissions.

To exploit the vulnerability, an attacker would first have to log on to the system.

3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-0944)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the Connected User Experiences and Telemetry Service improperly handles file operations. A local user can create a malicious application and run processes in an elevated context.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1029
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0942
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0944