Help Center> Host Security Service (Old)> Best Practices> Detecting and Fixing Vulnerabilities> Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-1027)
Updated on 2022-08-30 GMT+08:00
View PDF

Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-1027)

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

Vulnerability ID

CVE-2020-1027

Vulnerability Name

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Details

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Affected Versions

All Windows OSs

Official Solution

It is recommended that affected users install the latest vulnerability patch as soon as possible.

For details, see https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1027 .

Suggestion

Perform the following steps to scan and fix a vulnerability.

  1. Scan and view details of a vulnerability, as shown in Figure 1. For details, see Viewing Details of a Vulnerability.

    Figure 1 Manually starting a vulnerability scan

  2. Fix vulnerabilities and verify the result. For details, see Fixing Vulnerabilities and Verifying the Result.