Microsoft backs up Windows 8.1 and Windows Server 2012 R2 out of order.
Under certain conditions, attackers could attack different Windows versions and acquire higher user rights. Microsoft has now made the security updates to close two gaps available for download for Windows 8.1 and Windows Server 2012 R2.
All other affected Windows versions, including Windows 10, received the update on the patch day at the beginning of August . The security update for the two vulnerabilities with the identifiers CVE-2020-1530 and CVE-2020-1537 is classified as “important“.
The starting point for an elevation of privilege attack is the Windows remote access service. This can choke on the processing of code in memory and thus lay the foundation for an attack.
For this to happen, an attacker must already be in a position on a victim’s system in which he can run your own code. Due to this hurdle, the vulnerabilities are classified with a comparatively low threat level.
Patch now!
Microsoft assures that it has not yet observed any attacks to have. Nevertheless, those affected should download and install the security updates quickly.
