Attention, this is a warning you admins should take seriously: there is exploit code available for windows 10 that allows a local user to elevate to admin... so far nothing new, we have that almost every month. Only that this time, Microsoft will not be able to patch it unless you actively co-operate.

If you use WSUS or configmgr to deploy windows 10 feature upgrades (ANY version up to 20H1), you will HAVE TO decline those packages on WSUS/configmgr and sync the latest (patched) feature update bundles and approve those for deployment. Also make sure that no setups linger at your clients in a "downloaded, ready to install" state.

What the old, unpatched setups do: they allow attackers to create a fake temporary setup folder and place scripts within that get executed by the update service (=system) account. The same holds of course true for any ISOs that you might have downloaded before August 11th, 2020 - delete them and re-download them.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1571 assesses this as "Exploitation Less Likely" and "not exploited", but I saw videos of people demonstrating how to exploit it.