KLA11747
Multiple vulnerabilities in Mycrosoft System Center
Updated: 05/22/2020
Detect date
?
04/14/2020
Severity
?
High
Description

Multiple vulnerabilities were found in Mycrosoft System Center. Malicious users can exploit these vulnerabilities to gain privileges.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Microsoft Defender can be exploited remotely via specially crafted command to gain privileges.
  2. An elevation of privilege vulnerability in Windows Defender Antimalware Platform Hard Link can be exploited remotely via specially crafted application to gain privileges.
Affected products

Microsoft System Center Endpoint Protection
Microsoft Security Essentials
Microsoft System Center 2012 Endpoint Protection
Windows Defender
Windows Defender antimalware platform
Microsoft System Center 2012 R2 Endpoint Protection
Microsoft Forefront Endpoint Protection 2010

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2020-1002
CVE-2020-0835

Impacts
?
PE 
[?]
Related products
Microsoft Windows
Windows Defender
CVE-IDS
?
CVE-2020-10020.0Unknown
CVE-2020-08350.0Unknown
Microsoft official advisories
Microsoft Security Update Guide