CVE-2020-17139: Windows Overlay Filter Security Feature Bypass Vulnerability
First published: Wed Dec 09 2020(Updated: )
Windows Overlay Filter Security Feature Bypass Vulnerability
Credit: secure@microsoft.com secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows 10 | =20h2 | |
| Microsoft Windows 10 | =20h2 | |
| Microsoft Windows 10 | =20h2 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1809 | |
| Microsoft Windows 10 | =1903 | |
| Microsoft Windows 10 | =1903 | |
| Microsoft Windows 10 | =1903 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 10 | =1909 | |
| Microsoft Windows 10 | =2004 | |
| Microsoft Windows 10 | =2004 | |
| Microsoft Windows 10 | =2004 | |
| Microsoft Windows Server 2016 | =20h2 | |
| Microsoft Windows Server 2016 | =1903 | |
| Microsoft Windows Server 2016 | =1909 | |
| Microsoft Windows Server 2016 | =2004 | |
| Microsoft Windows Server 2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2020-17139?
CVE-2020-17139 is a security vulnerability in Windows Overlay Filter that allows for a security feature bypass.
Which software versions are affected by CVE-2020-17139?
CVE-2020-17139 affects all versions of Microsoft Windows 10 (20H2, 1809, 1903, 1909, 2004) and Windows Server 2016 (20H2, 1903, 1909, 2004) and Windows Server 2019.
What is the severity of CVE-2020-17139?
The severity of CVE-2020-17139 is high, with a CVSS score of 7.8.
How can I fix CVE-2020-17139?
To fix CVE-2020-17139, it is recommended to apply the latest security updates provided by Microsoft.
Where can I find more information about CVE-2020-17139?
You can find more information about CVE-2020-17139 on the Microsoft Security Guidance Advisory page: [here](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17139).
- agent/author
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/references
- agent/softwarecombine
- agent/event
- agent/remedy
- agent/title
- agent/severity
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/tags
- agent/description
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft windows 10
- version/microsoft windows 10/20h2
- version/microsoft windows 10/1809
- version/microsoft windows 10/1903
- version/microsoft windows 10/1909
- version/microsoft windows 10/2004
- canonical/microsoft windows server 2016
- version/microsoft windows server 2016/20h2
- version/microsoft windows server 2016/1903
- version/microsoft windows server 2016/1909
- version/microsoft windows server 2016/2004
- canonical/microsoft windows server 2019