CVE-2020-16938

Name of the Vulnerable Software and Affected Versions: Windows kernel (affected versions not specified)

Description: An information disclosure issue exists due to the Windows kernel's improper handling of objects in memory. This could allow an attacker to obtain information that could be used to further compromise the system by running a specially crafted application on an affected system. The vulnerability does not allow an attacker to execute code or elevate user rights directly but can be used to obtain sensitive information.

Recommendations: To resolve the issue, update the Windows kernel to the latest version that corrects how the kernel handles objects in memory. As a temporary workaround, consider restricting access to sensitive information and physical drives to minimize the risk of exploitation. Avoid using weak NTFS volume permissions until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.