Home
-
CVE-2020-9817
A local root privilege escalation vulnerability existed in the macOS installer. The issue was addressed by ensuring ownership of temporary files matches the user of the process performing the installation.
-
Windows 7 ESU Patching Changelog
Update 2025-12-15
- Replaced November 2025 Monthly Update (KB5068904) with December 2025 Monthly Update (KB5071501) (x64 only).
-
CVE-2020-11443 - Zoom - Incorrect Permission Assignment for Critical Resource
The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. Standard users are able to write to this directory, and can write links to other directories on the machine. As the installer runs with SYSTEM privileges and follows these links, a user can cause the installer to delete files otherwise not deletable by the user.
-
CVE-2020-7274 - McAfee - Improper Privilege Management
Privilege escalation vulnerability in McTray.exe in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 April 2020 Update allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges.
-
CVE-2020-7255 - McAfee - Improper Privilege Management
Privilege escalation vulnerability in the administrative user interface in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2020 Update allows local users to gain elevated privileges via a configuration error.