Zero-Day Advisory

Fortinet Discovers Microsoft Windows 10 Platform Privilege Escalation Vulnerability

Summary

Fortinet's FortiGuard Labs has discovered a Privilege Escalation vulnerability in Microsoft's Windows 10 Platform.


Windows 10 is a series of operating systems produced by Microsoft and released as part of its Windows NT family of operating systems. It is the successor to Windows 8.1 and was broadly released to the public on July 29, 2015. Windows 10 receives new builds on an ongoing basis, along with test builds available to Windows Insiders. By April 2020, an estimated 70.98% of traditional PCs across the world were running Windows. Across all platforms (PC, mobile, tablet and console), 35% of devices run some kind of Windows, Windows 10 or older.


FortiGuard Labs has discovered a Privilege Escalation vulnerability in the Windows 10 Platform. The vulnerability is caused by a race condition and the lack of privilege segregation within the Diagnostic Data / Telemetry Settings across all users on a device. This could lead to unauthorized changes to the Privacy Settings of all users (including Administrator) on the device.


Solutions

Users should apply the solution provided by Microsoft.


Fortinet's FortiEDR product can protect against this vulnerability.


Timeline

Fortinet reported the vulnerability to Microsoft on February 13, 2020.

Microsoft confirmed the vulnerability on March 31, 2020.

Microsoft patched the vulnerability on June 09, 2020.

Acknowledgement

This vulnerability was discovered by Kushal Arvind Shah of Fortinet's FortiGuard Labs.

IPS Subscription

Fortinet customers who subscribe to Fortinet's intrusion prevention (IPS) service should be protected against this vulnerability with the appropriate configuration parameters in place. Fortinet's IPS service is one component of FortiGuard Subscription Services, which also offer comprehensive solutions such as antivirus, Web content filtering and antispam capabilities. These services enable protection against threats on both application and network layers. FortiGuard Services are continuously updated by FortiGuard Labs, which enables Fortinet to deliver a combination of multi-layered security intelligence and true zero-day protection from new and emerging threats. These updates are delivered to all FortiGate, FortiMail and FortiClient products. Fortinet strictly follows responsible disclosure guidelines to ensure optimum protection during a threat's lifecycle.