CVE-2020-0889: 
vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2020-0889) exists in the Windows Jet Database Engine when it improperly handles objects in memory. This vulnerability was discovered and reported to Microsoft, who assigned it a CVSS v3.1 base score of 7.8 (HIGH) (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The CVSS v2.0 base score is 9.3 (HIGH) with the vector (AV:N/AC:M/Au:N/C:C/I:C/A:C). The vulnerability is related to memory handling issues in the Windows Jet Database Engine (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code on the affected system, potentially gaining the same privileges as the current user. The vulnerability affects confidentiality, integrity, and availability of the system, all rated as high impact according to the CVSS scoring (NVD).

Microsoft has released security updates to address this vulnerability. The fixes are available through various KB updates for affected Windows versions including Windows 10 (multiple versions), Windows 7 SP1, and Windows 8.1 (Rapid7).