Windows Modules Installer Service Information Disclosure Vulnerability

ID MS:CVE-2020-0859
Type mscve
Reporter Microsoft
Modified 2020-03-10T07:00:00


An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system.

To exploit the vulnerability, an attacker would have to log onto an affected system and run a specially crafted application.

The update addresses the vulnerability by changing the way Windows Modules Installer Service discloses file information.