Software Affected
    Windows 10 Version 1709 for 32-bit Systems and x64-based Systems
    Windows 10 Version 1709 for ARM64-based Systems
    Windows 10 Version 1803 for 32-bit Systems and x64-based Systems
    Windows 10 Version 1803 for ARM64-based Systems
    Windows 10 Version 1809 for 32-bit Systems and x64-based Systems
    Windows 10 Version 1809 for ARM64-based Systems
    Windows 10 Version 1903 for 32-bit Systems and x64-based Systems
    Windows 10 Version 1903 for ARM64-based Systems
    Windows 10 Version 1909 for 32-bit Systems and x64-based Systems
    Windows 10 Version 1909 for ARM64-based Systems
    Windows 10 Version 2004 for 32-bit Systems and x64-based Systems
    Windows 10 Version 2004 for ARM64-based Systems
    Windows Server 2019(Server Core Installation also affected)
    Windows Server, version 1803 (Server Core Installation also affected)
    Windows Server, version 1903 (Server Core installation)
    Windows Server, version 1909 (Server Core installation)
    Windows Server, version 2004 (Server Core installation)

Overview
A remote code execution vulnerability has been reported in Windows shell
which could allow an attacker to bypass security restrictions, access
sensitive information and execute arbitrary code to gain elevated
privileges on the targeted system.

Description
This vulnerability exists in Microsoft Windows shell due to improper
validation of file path. An attacker could exploit this vulnerability by
opening a specially crafted file on the affected system.

Successful exploitation of this vulnerability could allow the attacker to
execute arbitrary code on the targeted system.

Solution
Apply appropriate software fixes as available on the vendor website.
https://portal.msrc.microsoft.com/en-US/security-guidance

Vendor Information

Microsoft
https://portal.msrc.microsoft.com/en-US/security-guidance

References

Microsoft
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020
- -1286

CVE Name
CVE-2020-1286