image credit: Pixabay

Researchers disclose five Microsoft Windows zero-days

May 20, 2020

Security experts from Trend Micro’s Zero Day Initiative (ZDI) have published information on five unpatched vulnerabilities in Microsoft Windows.

Four vulnerabilities are classified as high-risk severity, three of them are zero-day vulnerabilities tracked as CVE-2020-0916, CVE-2020-0986, and CVE-2020-0915. The flaws could allow an attacker to escalate privileges on the affected system, they received a CVSS score of 7.0.

The vulnerabilities affect in the user-mode printer driver host process splwow64.exe, and is caused by the lack of validation for user-supplied input being dereferenced as a pointer.

Read More on Security Affairs