KLA11981 ACE vulnerability in Microsoft Windows

A remote code execution vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to execute arbitrary code.

Original advisories

CVE-2020-17022

Related products

Microsoft-Windows

Microsoft-Windows-10

CVE list

CVE-2020-17022 critical

KB list

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

Affected Products

• Windows 10 Version 1909 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 2004 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 2004 for x64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1709 for x64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1803 for 32-bit SystemsWindows 10 Version 2004 for 32-bit SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1803 for x64-based SystemsWindows 10 Version 1809 for ARM64-based Systems