CVE-2020-0683 - Microsoft Windows Installer Privilege Escalation Vulnerability
Project:Microsoft
Product:Windows
Date Added:2021-11-03Due Date:2022-05-03
Vulnerability Name
Microsoft Windows Installer Privilege Escalation Vulnerability
Description
Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-0683