7.8
CVSSv2

CVE-2020-1118

Published: 21/05/2020 Updated: 27/05/2020
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

A denial of service vulnerability exists in the Windows implementation of Transport Layer Security (TLS) when it improperly handles certain key exchanges, aka 'Microsoft Windows Transport Layer Security Denial of Service Vulnerability'.

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftWindows 101709, 1803, 1809, 1903, 1909
MicrosoftWindows Server 2019-, 1903, 1909

Recent Articles

Sadly, 111 in this story isn't binary. It's decimal. It's the number of security fixes emitted by Microsoft this week
The Register • Shaun Nichols in San Francisco • 13 May 2020

Nothing too scary. Plus updates from SAP, Adobe, VMware

The May edition of Patch Tuesday landed this week. And there are scores of security fixes to install.
A total of 111 fixes were released by Microsoft, though on the bright side none are being actively exploited, as far as we know. Sixteen earned Microsoft's top rating of critical, and range from remote code execution to elevation of privilege.
One standout programming blunder was CVE-2020-1067, a remote-code execution (RCE) vulnerability in all supported versions of Windows. Anyone w...

Microsoft Addresses 111 Bugs for May Patch Tuesday
Threatpost • Tara Seals • 12 May 2020

Microsoft has released fixes for 111 security vulnerabilities in its May Patch Tuesday update, including 16 critical bugs and 96 that are rated important.
Unlike other recent monthly updates from the computing giant this year, none of the flaws are publicly known or under active attack at the time of release.

Along with the expected cache of operating system, browser, Office and SharePoint updates, Microsoft has also released updates for .NET Framework, .NET Core, Visual Studi...