漏洞关键信息 Windows Kernel Elevation of Privilege Vulnerability CVE ID: CVE-2020-1269 Vulnerability Type: Security Vulnerability Release Date: June 9, 2020 Executive Summary An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. Successful exploitation could allow an attacker to run arbitrary code in kernel mode. An attacker could install programs, view, change, or delete data, or create new accounts with full user rights. The vulnerability is exploited by logging on to the system and running a specially crafted application. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. Exploitability Publicly disclosed: No Exploited: No Exploitability assessment: Exploitation Less Likely Acknowledgements Zhiniang Peng (@edwardzpeng) X@edwardzpeng of Qihoo 360 Core security & Xuefeng Li Microsoft recognizes the efforts of those in the security community who help us protect customers through coordinated vulnerability disclosure.