A severe privilege escalation vulnerability has been patched in the Windows Docker Desktop Service.
On Friday, cybersecurity researchers from Pen Test Partners publicly disclosed the problem, a privilege escalation vulnerability buried in how the software uses pipes.
The vulnerability, tracked as CVE-2020-11492, was discovered after analyzing how Docker Desktop for Windows — the primary service platform for Docker — uses named pipes when communicating as a client to child processes.