CVE-2020-1245

An issue of elevated privilege has been identified in Windows due to the failure of the Win32k component in managing objects stored in memory. If successfully exploited, this vulnerability enables an attacker to execute arbitrary code in kernel mode. As a consequence, the attacker would be able to perform actions such as installing programs, accessing, modifying, or deleting data, as well as creating new user accounts with full privileges.

To take advantage of this vulnerability, the attacker must initially gain access to the system. Subsequently, by running a specifically designed application capable of exploiting the vulnerability, the attacker can seize control of the affected system.

The concerned update aims to resolve this vulnerability by addressing the way in which Win32k manages objects stored in memory.