Lucene search
MicrosoftMS:CVE-2020-0686HistoryFeb 11, 2020 - 8:00 a.m.
Windows Installer Elevation of Privilege Vulnerability
2020-02-1108:00:00
Microsoft
msrc.microsoft.com
10
0.0004 Low
EPSS
Percentile
9.2%
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and add or remove files.
The security update addresses the vulnerability by modifying how reparse points are handled by the Windows Installer.
Related
prion
prion
Privilege escalation
2020-02-11 22:15:00
Privilege escalation
2020-02-11 22:15:00
cvelist
cvelist
CVE-2020-0683
2020-02-11 21:22:57
CVE-2020-0686
2020-02-11 21:22:58
cve
cve
CVE-2020-0683
2020-02-11 22:15:00
CVE-2020-0686
2020-02-11 22:15:00
attackerkb
attackerkb
CVE-2020-0686
2020-02-11 00:00:00
CVE-2020-0683
2020-02-11 00:00:00
mskb
mskb
February 11, 2020—KB4537822 (Security-only update)
2020-02-11 08:00:00
February 11, 2020—KB4537810 (Monthly Rollup)
2020-02-11 08:00:00
February 11, 2020—KB4537813 (Security-only update)
2020-02-11 08:00:00
nessus
nessus
KB4537822: Windows Server 2008 February 2020 Security Update
2020-03-24 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4537820)
2020-02-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4537821)
2020-02-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4537814)
2020-02-12 00:00:00
kaspersky
kaspersky
KLA11694 Multiple vulnerabilities in Microsoft products (ESU)
2020-02-11 00:00:00
KLA11662 Multiple vulnerabilities in Microsoft Windows
2020-02-11 00:00:00
talosblog
talosblog