Microsoft releases KB4578013 to fix two Windows Remote Access Elevation of Privilege vulnerabilities
Microsoft has released an out of band security update that addresses two separate Windows Remote Access Elevation of Privilege vulnerabilities.
KB4578013 fixes the CVE-2020-1530 and CVE-2020-1537 issues relating to Windows Remote Access' handling of memory and file operation respectively. Microsoft had already issued a patch for Windows 10 earlier this month, but the new patch is aimed at people running Windows 8.1, RT 8.1, and Server 2012 R2.
See also:
- Microsoft is finally ditching Internet Explorer and legacy Edge
- Microsoft has removed a useful driver updating feature from Windows 10
- Microsoft is looking into Windows 10 slow boot and performance problems after KB4559309 Edge update
CVE-2020-1530 and CVE-2020-1537 are both marked as being "Important" vulnerabilities, so Microsoft is keen for people to install the fix as soon as possible. Left unpatched, system are at risk of attackers running malicious software to gain elevated privileges.
Writing in the Windows Message Center, Microsoft says:
An out of band security update has been released for Windows 8.1 and Windows Server 2012 R2. This update addresses two Windows Remote Access Elevation of Privilege vulnerabilities. We recommend that you install these updates promptly. For information about the update, see KB4578013. For more information about these vulnerabilities, see CVE-2020-1530 and CVE-2020-1537.
Note These vulnerabilities were already addressed for all other supported OSes in the August 11, 2020 release.
The patch can be downloaded from the Windows Update Catalog.
Image credit: Sundry Photography / Shutterstock