Endpoint Vulnerability

Microsoft: Windows CloudExperienceHost Elevation of Privilege Vulnerability

Description

An elevation of privilege vulnerability exists when Microsoft Windows CloudExperienceHost fails to check COM objects. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application. The security update addresses the vulnerability by checking COM objects.

Affected Products

Windows 10,Windows Server 2016,Windows Server 2019

References

CVE-2020-1471,