CVE-2020-17070 : What You Need to Know

Windows Update Medic Service Elevation of Privilege Vulnerability was published on November 10, 2020, by Microsoft. The vulnerability affects various versions of Windows operating systems.

Understanding CVE-2020-17070

This CVE identifies an elevation of privilege vulnerability in the Windows Update Medic Service.

What is CVE-2020-17070?

The CVE-2020-17070 vulnerability refers to an elevation of privilege issue in the Windows Update Medic Service, impacting multiple Windows OS versions.

The Impact of CVE-2020-17070

The vulnerability has a base severity rating of HIGH (CVSS score: 7.8), allowing attackers to elevate privileges on affected systems.

Technical Details of CVE-2020-17070

This section provides detailed technical information about the CVE.

Vulnerability Description

The vulnerability lies in the Windows Update Medic Service, enabling unauthorized users to elevate their privileges on the system.

Affected Systems and Versions

Windows 10 Version 20H2 (32-bit Systems, ARM64-based Systems)
Windows Server version 20H2 (x64-based Systems)
Windows 10 Versions 1803, 1809, 1903, 1909, 2004
Windows Server 2019 and versions 1903, 2004

Exploitation Mechanism

The vulnerability allows attackers to exploit the Windows Update Medic Service to gain elevated privileges on the affected systems.

Mitigation and Prevention

Protect your systems from CVE-2020-17070 with the following steps:

Immediate Steps to Take

Apply security updates from Microsoft promptly.
Monitor for any unauthorized system changes.
Implement the principle of least privilege for user accounts.

Long-Term Security Practices

Regularly update and patch your operating systems and software.
Conduct security audits and vulnerability assessments.
Educate users on safe computing practices.

Patching and Updates

Ensure that all affected systems are updated with the latest security patches provided by Microsoft.