vulnerability
Microsoft Windows: CVE-2019-1270: Microsoft Windows Store Installer Elevation of Privilege Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:L/AC:L/Au:N/C:N/I:P/A:P) | Sep 10, 2019 | Sep 10, 2019 | Sep 5, 2025 |
Severity
4
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:P)
Published
Sep 10, 2019
Added
Sep 10, 2019
Modified
Sep 5, 2025
Description
An elevation of privilege vulnerability exists in Windows store installer where WindowsApps directory is vulnerable to symbolic link attack, aka 'Microsoft Windows Store Installer Elevation of Privilege Vulnerability'.
Solutions
microsoft-windows-windows_10-1507-kb4516070microsoft-windows-windows_10-1607-kb4516044microsoft-windows-windows_10-1703-kb4516068microsoft-windows-windows_10-1709-kb4516066microsoft-windows-windows_10-1803-kb4516058microsoft-windows-windows_10-1809-kb4512578microsoft-windows-windows_10-1903-kb4515384microsoft-windows-windows_server_2016-1607-kb4516044microsoft-windows-windows_server_2019-1809-kb4512578msft-kb4515384-1fec8c01-d96f-4692-9c3f-533f1966ba0f
References
- CVE-2019-1270
- https://attackerkb.com/topics/CVE-2019-1270
- CWE-59
- URL-https://support.microsoft.com/help/4512578
- URL-https://support.microsoft.com/help/4515384
- URL-https://support.microsoft.com/help/4516044
- URL-https://support.microsoft.com/help/4516058
- URL-https://support.microsoft.com/help/4516066
- URL-https://support.microsoft.com/help/4516068
- URL-https://support.microsoft.com/help/4516070
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.