First published: Tue Jan 14 2020(Updated: )
An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 10 | =1709 | |
Microsoft Windows 10 | =1803 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =1903 | |
Microsoft Windows 10 | =1909 | |
Microsoft Windows Server 2016 | =1803 | |
Microsoft Windows Server 2016 | =1903 | |
Microsoft Windows Server 2016 | =1909 | |
Microsoft Windows Server 2019 | ||
Microsoft Update Notification Manager | ||
=1709 | ||
=1803 | ||
=1809 | ||
=1903 | ||
=1909 | ||
=1803 | ||
=1903 | ||
=1909 | ||
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-0638 is rated as a medium severity vulnerability.
To fix CVE-2020-0638, you should apply the latest security updates provided by Microsoft.
CVE-2020-0638 affects Microsoft Windows 10 versions 1709, 1803, 1809, 1903, 1909 and Windows Server versions 2016 and 2019.
CVE-2020-0638 allows attackers to elevate privileges on the affected systems.
There are no known workarounds for CVE-2020-0638; the recommended action is to apply the security updates.