First published: Tue Jun 09 2020(Updated: )
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1170.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Defender | ||
Windows 10 | ||
Windows 10 | =1607 | |
Windows 10 | =1709 | |
Windows 10 | =1803 | |
Windows 10 | =1809 | |
Windows 10 | =1903 | |
Windows 10 | =1909 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows | ||
Microsoft Windows RT | ||
Microsoft Windows Server | =sp2 | |
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | =r2-sp1 | |
Microsoft Windows Server | ||
Microsoft Windows Server | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2016 | =1803 | |
Microsoft Windows Server 2016 | =1903 | |
Microsoft Windows Server 2016 | =1909 | |
Microsoft Windows Server 2019 | ||
Microsoft Forefront Endpoint Protection 2010 | ||
Microsoft Security Essentials | ||
Microsoft System Center Endpoint Protection | =2012 | |
Microsoft System Center Endpoint Protection | =2012-r2 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-1163 is an elevation of privilege vulnerability in Windows Defender that leads to arbitrary file deletion on the system.
To exploit the CVE-2020-1163 vulnerability, an attacker would first have to log on to the system.
The severity rating of CVE-2020-1163 is high, with a CVSS score of 7.8.
Microsoft Windows Defender, Microsoft Forefront Endpoint Protection 2010, Microsoft Security Essentials, and Microsoft System Center Endpoint Protection are affected by CVE-2020-1163.
No, Microsoft Windows 10 is not vulnerable to CVE-2020-1163.