Microsoft Windows DiagTrack 'UtcApi_DownloadLatestSettings' Arbitrary File Read
Microsoft Windows could allow a local authenticated malicious user to obtain sensitive information, caused by a flaw in the Windows Connected User Experiences and Telemetry Service. By persuading a victim to open specially-crafted content, a remote attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.
This month the vendor has patched 115 vulnerabilities, 25 of which are rated Critical.
Posted: 11 Mar, 202028 Min ReadThreat Intelligence SubscribeMicrosoft Patch Tuesday – March 2020This month the vendor has patched 115 vulnerabilities, 25 of which are rated Critical.As always, customers are advised to follow these security best practices:
Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintaining functionality.