KB4578013 Windows security update fixing privilege escalation bugs

Microsoft has released an emergency Windows Security update addressing the bugs allowing attackers to gain elevated privileges after successful exploitation. The out of band security update has been released for Windows 8.1 and Windows Server 2012 R2.

Microsoft says, “An out of band security update has been released for Windows 8.1 and Windows Server 2012 R2. We recommend that you install these updates promptly.”

The KB458013 security update fixes two Windows Remote Access elevations of privilege vulnerabilities – tracked as CVE-2020-1530 and CVE-2020-1537. To exploit these vulnerabilities, attackers firstly require privilege of code execution to run a specially crafted application. The update corrects the way how the Windows Remote Access handles memory and file operations.

Users running Windows 8.1 or Server 2012 R2 should install the update soon to avoid the attack. To download and install the band of Windows update, go to the Microsoft Update Catalog website. Upon installation, the KB45788013 update fully addresses the Windows Remote Access elevation of privileges vulnerabilities without requiring a system restart.

There is no need of taking any actions for the users using other versions of Microsoft Windows or Windows Servers. The company said, the vulnerabilities were already addressed for all other supported Oss in the August 11, 2020 release.

Last week, the company also fixed 120 security vulnerabilities (17 critical and 103 important severities) in Microsoft products. Aug 2020 patch also addressed two zero day vulnerabilities that include CVE-2020-1380 (a remote code execution vulnerability in IE 11) and CVE-2020-1464 (a Windows spoofing vulnerability allows attackers to spoof other companies when digitally signing executables).