Summary: Amidst the global pandemic, there has been an emerge of a zero-day reported in Microsoft Windows. On March 23, Microsoft acknowledged the existence of a critical security vulnerability in multiple versions of Windows and Windows Server, in Adobe Type Manager (ATM) Library, an integrated PostScript font library found in all versions of Windows. Description: … Continue reading “Microsoft Windows Adobe Type Manager Library Remote Code Execution zero-day Vulnerability (ADV200006)”
Tag: march 2020
Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-0668)
Summary: An arbitrary file move vulnerability is found in Windows Service Tracing. A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with SYSTEM level permissions. Description: To exploit the vulnerability, developed by individual researcher Clément Labro, a locally … Continue reading “Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-0668)”