Rewterz Threat Advisory – CVE-2019-8790 – Swift for Ubuntu Information disclosure vulnerability
October 14, 2019Rewterz Threat Alert – OpenCarrot Malware Identified in Financial Sector
October 15, 2019Rewterz Threat Advisory – CVE-2019-8790 – Swift for Ubuntu Information disclosure vulnerability
October 14, 2019Rewterz Threat Alert – OpenCarrot Malware Identified in Financial Sector
October 15, 2019Severity
Medium
Analysis Summary
An elevation of privilege vulnerability exists in Windows 10 Update Assistant in the way it handles permissions.
A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Impact
Privilege access
Affected Vendors
Microsoft
Affected Products
Windows 10 Update Assistant
Remediation
Please see vendor’s advisory for the list of patches and more details
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1378