Today, Microsoft released the June product updates, which fixed two Windows kernel privilege escalation vulnerabilities (CVE-2020-1247, CVE-2020-1253) reported by Hillstone Networks. The latest security notification is published on the Microsoft website. The vulnerability affects all versions of the Windows operating system (Windows 7, Windows 8.1, Windows Server and all Windows 10 releases).
Figure 1: Microsoft Acknowledgement to Hillstone Networks Security Team
Figure 2: Vulnerability Impact
Vulnerability notification link:
- https://portal.msrc.microsoft.com/en-us/security-guidance/acknowledgments
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1247
- https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1253
Hillstone security experts recommend that users need to install patches as soon as possible to avoid exposure to security risks. In addition to Microsoft’s security mitigation, Hillstone reminds users not to open files or browse webpages of unknown origin.
