Lucene search
Symantec Security ResponseSMNTC-111417HistoryJan 14, 2020 - 12:00 a.m.
Microsoft Windows Search Indexer CVE-2020-0623 Local Privilege Escalation Vulnerability
2020-01-1400:00:00
Symantec Security Response
www.symantec.com
13
Description
Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges.
Technologies Affected
- Microsoft Windows 10 Version 1607 for 32-bit Systems
- Microsoft Windows 10 Version 1607 for x64-based Systems
- Microsoft Windows 10 Version 1709 for ARM64-based Systems
- Microsoft Windows 10 Version 1803 for 32-bit Systems
- Microsoft Windows 10 Version 1803 for ARM64-based Systems
- Microsoft Windows 10 Version 1803 for x64-based Systems
- Microsoft Windows 10 Version 1809 for 32-bit Systems
- Microsoft Windows 10 Version 1809 for ARM64-based Systems
- Microsoft Windows 10 Version 1809 for x64-based Systems
- Microsoft Windows 10 Version 1903 for 32-bit Systems
- Microsoft Windows 10 Version 1903 for ARM64-based Systems
- Microsoft Windows 10 Version 1903 for x64-based Systems
- Microsoft Windows 10 Version 1909 for 32-bit Systems
- Microsoft Windows 10 Version 1909 for ARM64-based Systems
- Microsoft Windows 10 Version 1909 for x64-based Systems
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Windows 10 version 1703 for 32-bit Systems
- Microsoft Windows 10 version 1703 for x64-based Systems
- Microsoft Windows 10 version 1709 for 32-bit Systems
- Microsoft Windows 10 version 1709 for x64-based Systems
- Microsoft Windows 8.1 for 32-bit Systems
- Microsoft Windows 8.1 for 64-bit Systems
- Microsoft Windows RT 8.1
- Microsoft Windows Server 1803
- Microsoft Windows Server 1903
- Microsoft Windows Server 1909
- Microsoft Windows Server 2012
- Microsoft Windows Server 2012 R2
- Microsoft Windows Server 2016
- Microsoft Windows Server 2019
Recommendations
Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Ensure that only trusted users have local, interactive access to affected computers.
Run all software as a nonprivileged user with minimal access rights.
To limit the impact of latent vulnerabilities, configure servers and other applications to run as a nonadministrative user with minimal access rights.
Updates are available. Please see the references or vendor advisory for more information.
Related
mscve
mscve
Windows Search Indexer Elevation of Privilege Vulnerability
2020-01-14 08:00:00
prion
prion
Privilege escalation
2020-01-14 23:15:00
Privilege escalation
2020-01-14 23:15:00
Privilege escalation
2020-01-14 23:15:00
cve
cve
mskb
mskb
January 14, 2020âKB4534309 (Security-only update)
2020-01-14 08:00:00
January 14, 2020âKB4534297 (Monthly Rollup)
2020-01-14 08:00:00
January 14, 2020âKB4534306 (OS Build 10240.18453)
2020-01-14 08:00:00
nessus
nessus
KB4534306: Windows 10 January 2020 Security Update
2020-01-14 00:00:00
KB4534276: Windows 10 Version 1709 January 2020 Security Update
2020-01-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4534297)
2020-01-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4534306)
2020-01-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4528760)
2020-01-15 00:00:00
kaspersky
kaspersky
KLA11639 Multiple vulnerabilities in Microsoft Windows
2020-01-14 00:00:00
talosblog
talosblog
Related for SMNTC-111417