CVE-2020-0616
published 2020-01-14CVE-2020-0616: A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'.
medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10 | — | — |
| microsoft | windows_10_version_1903_for_32-bit_systems | — | — |
| microsoft | windows_10_version_1903_for_arm64-based_systems | — | — |
| microsoft | windows_10_version_1903_for_x64-based_systems | — | — |
| microsoft | windows_10_version_1909_for_32-bit_systems | — | — |
| microsoft | windows_10_version_1909_for_arm64-based_systems | — | — |
| microsoft | windows_10_version_1909_for_x64-based_systems | — | — |
| microsoft | windows_server | — | — |
| microsoft | windows_server | — | — |
| microsoft | windows_server_2016 | — | — |
| microsoft | windows_server_2016 | — | — |
| msrc | windows_10_version_1809_for_32-bit_systems | — | — |
| msrc | windows_10_version_1809_for_arm64-based_systems | — | — |
| msrc | windows_10_version_1809_for_x64-based_systems | — | — |
| msrc | windows_10_version_1903_for_32-bit_systems | — | — |
| msrc | windows_10_version_1903_for_arm64-based_systems | — | — |
| msrc | windows_10_version_1903_for_x64-based_systems | — | — |
| msrc | windows_10_version_1909_for_32-bit_systems | — | — |
| msrc | windows_10_version_1909_for_arm64-based_systems | — | — |
| msrc | windows_10_version_1909_for_x64-based_systems | — | — |
GHSA
GHSA-wffv-45fq-q499: A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'
ghsa_unreviewed·2022-05-24
CVE-2020-0616 [MEDIUM] GHSA-wffv-45fq-q499: A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'
A denial of service vulnerability exists when Windows improperly handles hard links, aka 'Microsoft Windows Denial of Service Vulnerability'.
Microsoft
Microsoft Windows Denial of Service Vulnerability
vendor_msrc·2020-01-14·CVSS 5.5
CVE-2020-0616 [MEDIUM] Microsoft Windows Denial of Service Vulnerability
Microsoft Windows Denial of Service Vulnerability
Description: A denial of service vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.
To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would allow an attacker to overwrite system files.
The update addresses the vulnerability by correcting ACLs to system files.
Microsoft Windows: Microsoft Windows
Impact: Denial of Service
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:Permanent
Reference: https://catalog.update.microsoft.co
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-01-14·CVSS 8.1
CVE-2020-0601 [HIGH] Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage
## Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw. Updated January 15th: Added an Advanced Custom Detection (ACD) signature for AMP that can be used to detect exploitation of CVE-2020-0601 by spoofing certificates masquerading as a Microsoft ECC Code Signing Certificate Authority.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 49 vulnerabilities, eight of which are considered critical.
This month's security update is particularly important for its disclosure of two vulnerabilities related to a core cryptographic component in all versions of Windows. CVE-2020-0601 could allow an attacker to use cryptography
Talos
Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage
blogs_talos·2020-01-14·CVSS 8.1
CVE-2020-0601 [HIGH] Microsoft Patch Tuesday — Jan. 2020: Vulnerability disclosures and Snort coverage
By Jon Munshaw.
Updated January 15th: Added an Advanced Custom Detection (ACD) signature for AMP that can be used to detect exploitation of CVE-2020-0601 by spoofing certificates masquerading as a Microsoft ECC Code Signing Certificate Authority.
Microsoft released its monthly security update today, disclosing vulnerabilities across many of its products and releasing corresponding updates. This month's Patch Tuesday covers 49 vulnerabilities, eight of which are considered critical.
This month's security update is particularly important for its disclosure of two vulnerabilities related to a core cryptographic component in all versions of Windows. CVE-2020-0601 could allow an attacker to use cryptography to sign a malicious executable, making the file appear as if it was from a trusted sou
2020-01-14
Published