Yesterday, for its December 2020 Patch Tuesday, Microsoft released an important security update addressing a Windows Lock Screen Security Feature Bypass Vulnerability.
About the vulnerability
An authenticated user has signed into a device and locks his or her active session.
An attacker with physical access could then perform actions that would allow them to execute code from the Windows lock screen in the context of the active user session.
Affected Operating Systems
This security update is rated with a CVSS version 3 score of 6.8/5.9 for the following releases of Windows and Windows Server:
- Windows 10 version 1607
- Windows 10 version 1803
- Windows 10 version 1809
- Windows Server 2016
- Windows Server 2019
Mitigations
Microsoft has not identified any mitigating factors for this vulnerability.
Acknowledgements
Microsoft recognizes the efforts of the Lockheed Martin Red Team, who helped them protect organizations through coordinated vulnerability disclosure.
Call to action
I urge you to install the necessary security updates on Windows and Windows Server installations in a test environment as soon as possible, assess the risk and possible impact on your production environment, and then roll out this update to Windows and Windows Server installations in the production environment.
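The affected-release list above and this call to action can be turned into a quick per-host check. The script below is an added PowerShell example, not code from the original post or from Microsoft; the function names are mine, and the KB number is a placeholder because the page does not give one.

```powershell
# Added example (not from the original post): flag a host whose Windows release is on
# the advisory's affected list and report whether a given update package is present.
# The KB number is NOT on the page; take it from the CVE-2020-17099 entry in the
# Security Update Guide and replace the placeholder below.

$AffectedClientReleases = @('1607', '1803', '1809')   # Windows 10 releases listed in the advisory
$AffectedServerProducts = @('Windows Server 2016', 'Windows Server 2019')
$PatchKb = 'KB<placeholder>'   # hypothetical value; fill in the real KB for your release

function Test-AffectedRelease {
    param(
        [string]$ProductName,   # e.g. "Windows 10 Pro" or "Windows Server 2019 Standard"
        [string]$ReleaseId      # e.g. "1809" (Server 2016 reports 1607, Server 2019 reports 1809)
    )
    if ($ProductName -like 'Windows Server*') {
        foreach ($p in $AffectedServerProducts) {
            if ($ProductName -like "$p*") { return $true }
        }
        return $false
    }
    if ($ProductName -like 'Windows 10*') {
        return $AffectedClientReleases -contains $ReleaseId
    }
    return $false
}

function Get-LockScreenPatchStatus {
    # ProductName, ReleaseId, CurrentBuild and UBR all live under this standard key.
    $nt = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
    $affected  = Test-AffectedRelease -ProductName $nt.ProductName -ReleaseId $nt.ReleaseId
    $installed = $null -ne (Get-HotFix -Id $PatchKb -ErrorAction SilentlyContinue)
    [pscustomobject]@{
        ComputerName = $env:COMPUTERNAME
        ProductName  = $nt.ProductName
        ReleaseId    = $nt.ReleaseId
        Build        = "$($nt.CurrentBuild).$($nt.UBR)"
        Affected     = $affected
        PatchPresent = $installed
        Action       = if ($affected -and -not $installed) { 'Install update' } else { 'None' }
    }
}

Get-LockScreenPatchStatus | Format-List
```

Get-HotFix only sees updates recorded in Win32_QuickFixEngineering, so treat a missing KB as a prompt to compare the reported build number against the fixed build in the Security Update Guide rather than as proof the host is unpatched.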
FURTHER READING
CVE-2020-17099 Windows Lock Screen Security Feature Bypass Vulnerability