{"id":14511,"date":"2020-05-21T00:01:00","date_gmt":"2020-05-20T22:01:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=14511"},"modified":"2020-05-21T00:00:07","modified_gmt":"2020-05-20T22:00:07","slug":"0patch-fixes-cve-2020-1048-in-windows-7-server-2008-r2","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/05\/21\/0patch-fixes-cve-2020-1048-in-windows-7-server-2008-r2\/","title":{"rendered":"0patch fixes CVE-2020-1048 in Windows 7\/Server 2008 R2"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline; border-width: 0px;\" title=\"win7\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2012\/03\/win7_thumb1.jpg\" alt=\"win7\" width=\"44\" height=\"42\" align=\"left\" border=\"0\" \/> [<a href=\"https:\/\/www.borncity.com\/blog\/?p=231884\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]ACROS Security has released a micropatch for the Windows Print Spooler Elevation of Privilege vulnerability CVE-2020-1048 in Windows 7 and Server 2008 R2 (without ESU license).<\/p>\n<p><!--more--><\/p>\n<h2>Vulnerability CVE-2020-1048<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg04.met.vgwort.de\/na\/378c346666c24bf98d30d542a6af02f5\" alt=\"\" width=\"1\" height=\"1\" \/><a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-1048\" target=\"_blank\" rel=\"noopener noreferrer\">CVE-2020-1048<\/a> is an elevation of privilege vulnerability that exists when the Windows Print Spooler service improperly allows arbitrary writing to the file system. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.<\/p>\n<p>Microsoft describes the vulnerability in <a href=\"https:\/\/portal.msrc.microsoft.com\/en-US\/security-guidance\/advisory\/CVE-2020-1048\" target=\"_blank\" rel=\"noopener noreferrer\">this document<\/a> and has released security updates for Windows 7 to Windows 10 on May 12, 2020. However, users of Windows 7 SP1 and Windows Server 2008 R2 who do not have an ESU license will no longer receive the security updates released by Microsoft.<\/p>\n<h2>0patch-Fix for Windows 7 SP1\/Server 2008 R2<\/h2>\n<p>ACROS Security has developed a micropatch for the vulnerabilityCVE-2020-1048. Mitja Kolsek of ACROS Security has informed me privately that the micropatch has been released for Windows 7 SP1 and Windows Server 2008 R2. There is now also a message on Twitter.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p dir=\"ltr\" lang=\"en\">Windows 7 and Server 2008 R2 users without Extended Security Updates have just received a micropatch for CVE-2020-1048, a privilege elevation vulnerability allowing a local non-admin attacker to create an arbitrary file in an arbitrary location. <a href=\"https:\/\/t.co\/OszjM6G6Le\">pic.twitter.com\/OszjM6G6Le<\/a><\/p>\n<p>\u2014 0patch (@0patch) <a href=\"https:\/\/twitter.com\/0patch\/status\/1263099610580598789?ref_src=twsrc%5Etfw\">May 20, 2020<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In further <a href=\"https:\/\/twitter.com\/0patch\/status\/1263101575003701249\" target=\"_blank\" rel=\"noopener noreferrer\">follow-up tweets<\/a> ACROS Security provides some more explanations about the vulnerability and the micropatch. This patch is available for subscribers of the Pro and Enterprise version. Hints on how the 0patch agent, which loads the micro patches into memory at runtime of an application, works can be found in the blog posts (e.g. <a href=\"https:\/\/borncity.com\/win\/2020\/03\/05\/windows-7-securing-with-the-0patch-solution-part-2\/\">here<\/a>), which I have linked below.<\/p>\n<p><strong>Similar articles:<br \/>\n<\/strong><a href=\"https:\/\/borncity.com\/win\/2020\/03\/05\/windows-7-forcing-february-2020-security-updates-part-1\/\">Windows 7: Forcing February 2020 Security Updates<\/a> \u2013 Part 1<br \/>\n<a href=\"https:\/\/borncity.com\/win\/2020\/03\/05\/windows-7-securing-with-the-0patch-solution-part-2\/\">Windows 7: Securing with the 0patch solution<\/a> \u2013 Part 2<br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/09\/22\/windows-7-server-2008-r2-0patch-liefert-sicherheitspatches-nach-supportende\/\">Windows 7\/Server 2008\/R2: 0patch delivers security patches after support ends<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2020\/01\/30\/project-windows-7-server-2008-r2-life-extension-0patch-one-month-trial\/\">Project: Windows 7\/Server 2008\/R2 Life Extension &amp; 0patch one month trial<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2020\/01\/21\/0patch-fix-for-internet-explorer-0-day-vulnerability-cve-2020-0674\/\">0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2020\/03\/14\/0patch-fix-for-windows-installer-flaw-cve-2020-0683\/\">0patch: Fix for Windows Installer flaw CVE-2020-0683<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2020\/03\/20\/0patch-fix-for-windows-gdi-vulnerability-cve-2020-0881\/\">0patch fix for Windows GDI+ vulnerability CVE-2020-0881<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2020\/03\/24\/0-day-vulnerability-in-windows-adobe-type-library\/\">0-day vulnerability in Windows Adobe Type Library<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2020\/04\/23\/0patch-fixt-cve-2020-0687-in-windows-7-server-2008-r2\/\">0patch fixes CVE-2020-0687 in Windows 7\/Server 2008 R2<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]ACROS Security has released a micropatch for the Windows Print Spooler Elevation of Privilege vulnerability CVE-2020-1048 in Windows 7 and Server 2008 R2 (without ESU license).<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,2],"tags":[991,2195,69,17,18],"class_list":["post-14511","post","type-post","status-publish","format-standard","hentry","category-security","category-windows","tag-0patch","tag-esu","tag-security","tag-windows-7","tag-windows-server-2008-r2"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14511","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=14511"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/14511\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=14511"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=14511"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=14511"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}