Microsoft Windows Diagnostics and feedback CVE-2020-1296 Information Disclosure Vulnerability

description-logoDescription

A vulnerability exists in the way the Windows Diagnostics feedback settings app handles objects in memory. An attacker who successfully exploited this vulnerability could cause additional diagnostic data from the affected device to be sent to Microsoft. To exploit the vulnerability, an attacker would have to log on to an affected system and interact with the Windows Diagnostics feedback Settings app. The security update addresses the vulnerability by correcting the way the Windows Diagnostics feedback Settings app handles objects in memory.

affected-products-logoAffected Applications

Windows 10
Windows Server version 2004 (Server Core installation)
Windows Server version 1903 (Server Core installation)
Windows Server version 1909 (Server Core installation)
Windows Server 2019

CVE References

CVE-2020-1296