Windows Zero Day Kernel Local Privilege Escalation
On Oct 22nd, Google’s Security Team “Project-Zero” disclosed a Windows zero-day privilege escalation vulnerability, given CVE-2020-17087 and rated CVSSv3 7.8/7.2. Google stated that they had seen evidence of the vulnerability actively being exploited in the wild, and gave Microsoft a 7-day window to provide a solution. An exploit is readily available to the public for the vulnerability and a patch was released by Microsoft on Nov 10th. Exploitation would require an attacker to already be present on a system as a lower level user. Please patch your systems as soon as possible to mitigate this privilege escalation vulnerability. For more information, please reference https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17087.
Frontline.Cloud released a High rated authenticated check “MS20-NOV: Microsoft Windows Security Update (143189)” with release 3.0.65.1 on November 12th, 2020.