PT-2019-1131 · Microsoft · Windows 10 Servers+4
Anthony Laou Hine Tsuei
·
Published
2019-01-08
·
Updated
2020-08-24
·
CVE-2019-0553
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Windows Subsystem for Linux versions prior to the fixed version
Windows 10
Windows 10 Servers
Windows Server 2019
Description:
The issue is related to the improper handling of objects in memory by the Windows Subsystem for Linux, which can lead to information disclosure. This can allow an attacker to obtain sensitive information using a specially crafted application.
Recommendations:
For Windows Subsystem for Linux, update to the fixed version to resolve the issue.
For Windows 10, apply the available patch to fix the vulnerability.
For Windows 10 Servers, apply the available patch to fix the vulnerability.
For Windows Server 2019, apply the available patch to fix the vulnerability.
As a temporary workaround, consider restricting access to sensitive information until a patch is available.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Windows
Windows 10
Windows 10 Servers
Windows Server 2019
Windows Subsystem For Linux