Home > Cyber News > CVE-2020-1530: Microsoft Releases Emergency Security Updates
CYBER NEWS

CVE-2020-1530: Microsoft Releases Emergency Security Updates

by   |  Last Update:  |  0 Comments  

Have you noticed an out-of-band security update on your Windows?

The patch is an emergency update which fixes privilege escalation vulnerabilities (CVE-2020-1530, CVE-2020-1537) that affect the Windows Remote Access service in Windows 8.1 and Windows Server 2012 R2 (KB4578013).

CVE-2020-1530, CVE-2020-1537

According to the official advisory, “this update resolves vulnerabilites in the Windows operating systems that are listed in the “Applies to” section”. The vulnerabilities in question are the following:

  • CVE-2020-1530 – An elevation of privilege vulnerability that is triggered when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the targeted system.
  • CVE-2020-1537 – An elevation of privilege vulnerability that is triggered when the Windows Remote Access improperly handles file operations.




The good news is that these vulnerabilities were addressed for all other supported versions of Windows in the August 11 Patch Tuesday. This means that customers running other versions of Windows or Windows Server, except Windows 8.1 and Windows Server 2012 R2 , do not need to take any action, Microsoft says.

Earlier this month, Microsoft released its regular set of updates. One particular vulnerability stood out – CVE-2020-1464. Security researchers revealed that the flaw was actively expoited in malicious attacks for at least two years before Microsoft fixed it.

According to the official description provided by Microsoft, the issue is a spoofing vulnerabilities triggered by the incorrect way Windows validates file signatures. In case of a successful exploit, the attacker could bypass security features and load improperly signed files.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:
Twitter

Related posts:
  1. The Windows User Security Bible: Vulnerabilities and Patches If you’re one of those conscious users who acquaint themselves...
  2. Adobe Patches 112 Vulnerabilities in Latest Patch Package (CVE-2018-5007) Adobe has released the latest patch package that addresses a...
  3. Out-of-Band Security Updates for CVE-2020-17022, CVE-2020-17023 Two out-of-band security updates addressing the CVE-2020-17022 and CVE-2020-17023 vulnerabilities...
  4. Feb 9 Patch Tuesday – from KB 3134220 to KB 3133043 February’s Patch Tuesday is already a fact. Let’s see what...
  5. CVE-2021-33742: Microsoft Just Fixed 6 Security Bugs Exploited in the Wild Microsoft just fixed 50 vulnerabilities in June 2021 Patch Tuesday,...
  6. Google’s Latest Android Security Update Fixes 47 Vulnerabilities Google has delivered their last and probably final Android update...
  7. December 8 Patch Tuesday – from KB 3116180 to KB 3116900 Microsoft’s December Patch Tuesday is already a fact. MS15-DEC contains...
  8. July 2018 Patch Tuesday Fixes CVE-2018-8281, Microsoft Office Bugs Another set of patches has been rolled by Microsoft in...

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree