CVE-2020-0824: 
vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2020-0824) exists in Internet Explorer when it improperly accesses objects in memory, also known as 'Internet Explorer Memory Corruption Vulnerability'. The vulnerability was disclosed in March 2020 and affects Internet Explorer 11 and various versions of Microsoft Windows operating systems (NVD, MITRE).

The vulnerability has been assigned a CVSS v3.1 base score of 7.5 (HIGH) with the following vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H. This indicates that the vulnerability is network exploitable but requires high attack complexity and user interaction. The vulnerability stems from memory corruption issues when Internet Explorer improperly handles objects in memory (NVD).

If successfully exploited, an attacker could gain the same user rights as the current user. The impact is particularly severe if the user is logged in with administrative rights, as the attacker could then execute arbitrary code in the context of the current user, potentially taking complete control of the affected system (Threatpost).

Microsoft addressed this vulnerability by releasing security updates as part of its March 2020 Patch Tuesday. Users are advised to apply the appropriate patches immediately after testing. Microsoft also recommends running all software as a non-privileged user to minimize the impact of a potential successful attack (NVD).