The patch is an emergency update which fixes privilege escalation vulnerabilities (CVE-2020-1530, CVE-2020-1537) that affect the Windows Remote Access service in Windows 8.1 and Windows Server 2012 R2 (KB4578013).
According to the official advisory, “this update resolves vulnerabilites in the Windows operating systems that are listed in the “Applies to” section”. The vulnerabilities in question are the following:
- CVE-2020-1530 – An elevation of privilege vulnerability that is triggered when Windows Remote Access improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the targeted system.
- CVE-2020-1537 – An elevation of privilege vulnerability that is triggered when the Windows Remote Access improperly handles file operations.
The good news is that these vulnerabilities were addressed for all other supported versions of Windows in the August 11 Patch Tuesday. This means that customers running other versions of Windows or Windows Server, except Windows 8.1 and Windows Server 2012 R2 , do not need to take any action, Microsoft says.
Earlier this month, Microsoft released its regular set of updates. One particular vulnerability stood out – CVE-2020-1464. Security researchers revealed that the flaw was actively expoited in malicious attacks for at least two years before Microsoft fixed it.
According to the official description provided by Microsoft, the issue is a spoofing vulnerabilities triggered by the incorrect way Windows validates file signatures. In case of a successful exploit, the attacker could bypass security features and load improperly signed files.