0patch: Fix for Windows Installer flaw CVE-2020-0683

[German]ACROS Security has released a micro-patch for its 0patch agent that fixes the Privilege Escalation vulnerability CVE-2020-0683 in the Windows Installer. The micro-fix is available for users of Windows 7 SP1 and Windows Server 2008 R2 who have not purchased the corresponding ESU package from Microsoft but have purchased support from ACROS Security.


The Windows Installer vulnerability CVE-2020-0683

A privilege escalation vulnerability exists in the Windows Installer, which has been assigned the identifier CVE-2020-0683  and has been publicly disclosed since February 2020. The Common Vulnerabilities and Exposures database (CVE) contains the following details:

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.

When handling symbolic links during the processing of MSI installation packages, privileges may be increased. Packet Storm Security has published some details in this document – Mc Afee links all information here

Microsoft released updates in Feb. 2020

Microsoft classifies the exploitability of the vulnerability in this document as 'low'. This is because an attacker would have to log on to the system first. Only then could he execute a specially crafted MSI application to exploit the privilege escalation vulnerability. But then he could add or remove files. 

On February 11, 2020, Microsoft published updates for Windows 7, Windows 8.1, and all versions of Windows 10, as well as the Windows Server counterparts, on the Windows Installer Elevation of Privilege Vulnerability support page CVE-2020-0683

(Click to zoom)


0patch releases Micro Patch for CVE-2020-0683

However, users of Windows 7 SP1 and Windows Server 2008 R2 who do not have an ESU license will no longer receive the security updates that are released by Microsoft. Since there is an exploit, the people at ACROS Security have developed a micro-fix for the vulnerability.

If you have installed the 0patch agent and purchased a Pro or Enterprise subscription, Windows 7 SP1 or Windows Server 2008 R2 will protect the system against the vulnerability.

Similar articles:
Windows 7: Forcing February 2020 Security Updates – Part 1 – Teil 1
Windows 7: Securing with the 0patch solution – Part 2
Windows 7/Server 2008/R2: 0patch delivers security patches after support ends
Project: Windows 7/Server 2008/R2 Life Extension & 0patch one month trial
0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674

Cookies helps to fund this blog: Cookie settings

This entry was posted in Security, Windows and tagged , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *