Microsoft fixes elevation of privileges security vulnerability in Windows Setup

Unbeknownst to Windows 10 users until now, a security vulnerability existed in Windows Setup, the process with runs when installing Feature Updates for the operating system. The vulnerability (CVE-2020-16908) made it possible for a locally authenticated attacker to run arbitrary code with elevated system privileges. This flaw could be exploited to install software, create new user accounts, or interfere with data. See also: KB4579311 cumulative update is causing numerous problems for Windows 10 users Microsoft is foisting Office web apps on Edge users Microsoft is now blocking some third-party drivers in Windows 8.1, 10 and Server The vulnerability was found… [Continue Reading]