CVE-2020-1012

Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified)

Description: The issue is related to the WinINet API component of the Windows operating system and involves insecure privilege management. Exploitation of this issue could allow a remote attacker to elevate their privileges and execute arbitrary code. An attacker could exploit the vulnerability through various means, including hosting a specially crafted website or providing a specially crafted document file. The attacker would need to convince a user to view the website or open the document file. The vulnerability is addressed by ensuring that the Wininit.dll properly handles objects in memory.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.