CVE-2020-1471

Name of the Vulnerable Software and Affected Versions: Microsoft Windows CloudExperienceHost versions prior to the fixed version Windows 10 versions 1909, 2004

Description: An elevation of privilege issue exists due to the failure of Microsoft Windows CloudExperienceHost to properly check COM objects. This could allow an attacker to gain elevated privileges on a targeted system by running a specially crafted script or application after logging on to the affected system.

Recommendations: For Windows 10 versions 1909, 2004, apply the security update that addresses the vulnerability by checking COM objects. For Microsoft Windows CloudExperienceHost, apply the security update that checks COM objects to resolve the issue. As a temporary workaround, consider restricting access to COM objects until a patch is available.