Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.
View products that this article applies to.
An remote code execution vulnerability exists in Microsoft Dynamics NAV 2015. A user who has the permission to access certain features that requires a call from the Role-Tailored Client with the dataset structure can start arbitrary shell commands through deserialization.
To learn more about the vulnerability, go to CVE-2020-0905.
The following file is available for download from the Microsoft Download Center:
To apply this security update, you must have Microsoft Dynamics NAV 2015 installed.
You may have to restart the computer after you apply this security update.
This security update doesn't replace other security updates.
For deployment details for this security update, go to the following article in the Microsoft Knowledge Base:
Protect yourself online: Windows Security support
Learn how we guard against cyber threats: Microsoft Security
Keywords: atdownload, kbbug, kbexpertiseinter, kbfix, kbmustloc, kbsecbulletin, kbsecreview, kbsecurity, kbsecvulnerability, kbsurveynew, kblangall
