An arbitrary privileged file move operation exists in Microsoft Windows Service Tracing. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory.
Tuesday, March 17, 2020 - 19:00