virus logo FortiClient Vulnerability

Microsoft Windows Agent Activation Runtime CVE-2020-1391 Information Disclosure Vulnerability

description-logoDescription

An information disclosure vulnerability exists when the Windows Agent Activation Runtime (AarSvc) fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the users system. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application. The update addresses the vulnerability by correcting how the Windows Agent Activation Runtime handles objects in memory.

affected-products-logoAffected Applications

Windows 10
Windows Server version 2004 (Server Core installation)
Windows Server version 1909 (Server Core installation)
Windows Server version 1903 (Server Core installation)

CVE References

CVE-2020-1391

Other References

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-1391
ID 64231
Created Jul 14, 2020
Description
Updated		 Dec 21, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Microsoft
Patch auto
Application Windows 10 , Windows Server version 2004 (Server Core installation) , Windows Server version 1909 (Server Core installation) , Windows Server version 1903 (Server Core installation)