Security Experts:

Connect with us

Hi, what are you looking for?



Researchers Divulge Details on Five Windows Zero Days

Zero Day Initiative Researchers Publish Five Windows Zero Days

Zero Day Initiative Researchers Publish Five Windows Zero Days

Security researchers working with Trend Micro’s Zero Day Initiative (ZDI) have published information on five unpatched vulnerabilities in Microsoft Windows, including four considered high risk.

Tracked as CVE-2020-0916, CVE-2020-0986, and CVE-2020-0915, and featuring a CVSS score of 7.0, the first three of these zero-day vulnerabilities could allow an attacker to escalate privileges on the affected system. 

The security flaws were identified in the user-mode printer driver host process splwow64.exe, and exists because user-supplied input isn’t properly validated before being dereferenced as a pointer. 

Adversaries looking to exploit these security flaws would first need to gain low privilege access to the system. Successful exploitation would allow them to execute code in the context of the current user at medium integrity. 

The same user-mode printer driver host process splwow64.exe was also found vulnerable to a low severity information disclosure bug. Tracked as CVE-2020-0915 and featuring a CVSS score of 2.5, the issue results from the same lack of validation of a user-supplied value before being dereferenced as a pointer.

Microsoft was informed on the existence of these vulnerabilities in December 2019 and was aiming to release a patch on May 2020 Patch Tuesday, but missed the deadline. Only beta fixes were provided to the security researchers, for testing. 

Also featuring a CVSS score of 7.0 and allowing attackers to escalate privileges is a vulnerability in the handling of WLAN connection profiles that has no CVE identifier.  

“By creating a malicious profile, an attacker can disclose credentials for the machine account. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of an administrator,” ZDI explains

The security researchers also revealed that Microsoft was informed on the vulnerability in January, but said that a patch won’t be released for the issue. 

Related: Windows Vulnerabilities Exploited for Code Execution, Privilege Escalation

Related: Researcher Finds New Class of Windows Vulnerabilities

Related: SMBGhost Vulnerability Allows Privilege Escalation on Windows Systems

Related: NSA Discloses Serious Windows Vulnerability to Microsoft

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Cloud Security

VMware vRealize Log Insight vulnerability allows an unauthenticated attacker to take full control of a target system.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.


Security researchers have observed an uptick in attacks targeting CVE-2021-35394, an RCE vulnerability in Realtek Jungle SDK.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.


Google has awarded more than $25,000 to the researchers who reported the vulnerabilities patched with the release of the latest Chrome update.


Several vulnerabilities have been patched in OpenText’s enterprise content management (ECM) product.