PT-2020-4309 · Microsoft · Windows Error Reporting Manager

Published: 2020-10-13 · Updated: 2023-12-31 · CVE-2020-16895

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Windows Error Reporting Manager (affected versions not specified)
Description: The issue is related to insufficient access restrictions in the Windows Error Reporting Manager, allowing an attacker to potentially elevate their privileges by running a specially crafted application. This could lead to an attacker gaining elevated status, potentially allowing them to delete targeted files. To exploit this, an attacker would first need to log on to the system and then run the specially crafted application.
Recommendations: To resolve the issue, apply the security update that corrects how Windows Error Reporting Manager handles process crashes. As a temporary workaround, consider restricting access to the Windows Error Reporting Manager until the security update is applied.

Fix

LPE

Weakness Enumeration: Improper Handling of Exceptional Conditions

Related Identifiers

BDU:2020-04806
CVE-2020-16895

Affected Products

Windows
Windows Error Reporting Manager