CVE-2020-0992: 
vulnerability analysis and mitigation

A remote code execution vulnerability (CVE-2020-0992) exists in the Windows Jet Database Engine when it improperly handles objects in memory. This vulnerability was disclosed in April 2020 and affects multiple versions of Microsoft Windows operating systems. This vulnerability is distinct from several other CVEs including CVE-2020-0889, CVE-2020-0953, CVE-2020-0959, CVE-2020-0960, CVE-2020-0988, CVE-2020-0994, CVE-2020-0995, CVE-2020-0999, and CVE-2020-1008 (NVD).

The vulnerability has received a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. Under CVSS v2.0, it scored 9.3 (HIGH) with the vector (AV:N/AC:M/Au:N/C:C/I:C/A:C). The vulnerability requires user interaction to be exploited, as indicated by the CVSS metrics (NVD).

If successfully exploited, this vulnerability could allow an attacker to execute arbitrary code on the affected system with the same privileges as the current user. The high CVSS scores indicate potential severe impacts on the confidentiality, integrity, and availability of the affected systems (NVD).

Microsoft has released security updates to address this vulnerability. Users should apply the appropriate patches through Windows Update to protect their systems (Microsoft Security Advisory).