Fwd: [CIVN-2020-0214] Remote code execution in Microsoft Windows

Severity Rating: High

Software Affected

· Windows 7

· Windows 8.1

· Windows 10

· Windows RT 8.1

· Windows Server 2008

· Windows Server 2008 R2

· Windows Server 2012

· Windows Server 2012 R2

· Windows Server 2016

· Windows Server 2019

Overview

A vulnerability has been reported in Microsoft Windows OLE which could

allow an attacker to execute malicious code on the targeted system.

Description

This Vulnerability exists in Microsoft Windows OLE due to improper

validation of user input. A remote attacker could exploit this

vulnerability by convince a user to open either a specially crafted file or

a program from either a webpage or an email message on the targeted system.

Successful exploitation of this vulnerability may result in complete

compromise of vulnerable system.

Solution

Apply appropriate patches as mentioned in Microsoft Security

https://portal.msrc.microsoft.com/en-US/security-guidance

Vendor Information

Microsoft

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1281

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020

- -1281

https://nvd.nist.gov/vuln/detail/CVE-2020-1281

CVE Name

CVE-2020-1281

About Cert Advisory

We have created this blog to provide latest security advisory from the india cert for the security vulnerability, threats, attacks and patching required to mitigate any kind of cyber attacks.

Fwd: [CIVN-2020-0214] Remote code execution in Microsoft Windows

About Cert Advisory

Related Posts

Related Posts

Popular Posts

Facebook

Blog Archive