CVE-2020-0752: 
vulnerability analysis and mitigation

An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, identified as CVE-2020-0752. This vulnerability was disclosed in February 2020 and affects various versions of Microsoft Windows, including Windows 10, Windows 7 SP1, and Windows 8.1. The vulnerability is unique from similar issues tracked as CVE-2020-0666, CVE-2020-0667, and CVE-2020-0735 (NVD, CVE).

The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. Under CVSS v2.0, it received a Base Score of 4.6 (MEDIUM) with the vector (AV:L/AC:L/Au:N/C:P/I:P/A:P). The vulnerability specifically relates to how the Windows Search Indexer component handles objects in memory (NVD).

If successfully exploited, this vulnerability could allow an attacker to gain elevated privileges on the affected system. The attacker could then install programs, view, change, or delete data, or create new accounts with full user rights (NVD).

Microsoft has released security updates to address this vulnerability as part of their February 2020 Patch Tuesday updates. Users are advised to apply the appropriate security updates to their systems (Talos).