TTCSIRT-338.08.19.20: TT-CSIRT ADVISORY – Microsoft Windows Kernel Information Disclosure

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve
information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass.

An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object.

Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information.

Security updates addresses the vulnerability by correcting how the Windows kernel handles memory addresses.

Please see the following link for further support and information about this vulnerability:
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1578

If you have any queries or comments with regards to this advisory, please feel free to contact TTCSIRT via contacts@ttcsirt.gov.tt