SB2020041434 - Multiple vulnerabilities in Microsoft Windows

Description

This security bulletin contains information about 6 secuirty vulnerabilities.

1) Buffer overflow (CVE-ID: CVE-2020-0794)

The vulnerability allows a local user to perform denial of service (DoS) attack.

The vulnerability exists due to a boundary error when Windows improperly handles objects in memory. A local user can use a specially crafted application to trigger memory corruption and cause the system to stop responding.

Successful exploitation of this vulnerability may result in a denial of service (DoS) attack.

2) Buffer overflow (CVE-ID: CVE-2020-1015)

The vulnerability allows a local user to escalate privilege so the system.

The vulnerability exists due to a boundary error in the User-Mode Power Service (UMPS) when handling objects in memory. A local user can create a specially crafted application, trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-1011)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to Windows System Assessment Tool improperly handles file operations. A local user can run a specially crafted application and run processes in an elevated context.

4) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2020-1009)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to the way that the Microsoft Store Install Service handles file operations in protected locations. A local user can run a specially crafted application and execute arbitrary code with elevated permissions.

5) Buffer overflow (CVE-ID: CVE-2020-0983)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when the Windows Delivery Optimization service improperly handles objects in memory. A local user can use a specially crafted application to trigger memory corruption and execute arbitrary code on the target system with elevated system privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

6) Buffer overflow (CVE-ID: CVE-2020-0934)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error when the Windows WpcDesktopMonSvc improperly manages memory. A local user can use a specially crafted application to trigger memory corruption and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Install update from vendor's website.

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0794
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1015
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1011
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1009
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0983
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0934