FortiClient VulnerabilityMicrosoft Windows Host Guardian Service CVE-2020-1259 Security Feature Bypass Vulnerability
Description
A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged. An attacker who successfully exploited the vulnerability could tamper with the log file. In an attack scenario, an attacker can change existing event log types to a type the parsers do not interpret allowing an attacker to append their own hash without triggering an alert. The update addresses the vulnerability by correcting how Windows Host Guardian Service handles logging of the measured boot hash.
Affected Applications
Windows Server version 2004 (Server Core installation)
Windows Server version 1903 (Server Core installation)
Windows Server 2016
Windows Server version 1803 (Server Core Installation)
Windows 10
Windows Server version 1909 (Server Core installation)
Windows Server 2019
CVE References
CVE-2020-1259Other References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1259| ID | 64053 |
| Created | Jun 09, 2020 |
| Description Updated |
Dec 21, 2023 |
| Risk |
|
| Coverage | FortiClient |
| OS | Windows |
| Vendor | Microsoft |
| Patch | auto |
| Application | Windows Server version 2004 (Server Core installation) , Windows Server version 1903 (Server Core installation) , Windows Server 2016 , Windows Server version 1803 (Server Core Installation) , Windows 10 , Windows Server version 1909 (Server Core installation) , Windows Server 2019 |