Description
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, bypass security restrictions, spoof user interface, cause denial of service.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely via specially crafted requests to execute arbitrary code.
- An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Search Indexer can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Microsoft Graphics Component can be exploited remotely via specially crafted application to obtain sensitive information.
- A security feature bypass vulnerability in Windows can be exploited remotely via to bypass security restrictions.
- An elevation of privilege vulnerability in Microsoft Cryptographic Services can be exploited remotely via to gain privileges.
- A spoofing vulnerability in Windows CryptoAPI can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Microsoft Windows can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Windows GDI+ can be exploited remotely via specially crafted application to obtain sensitive information.
- An information disclosure vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to gain privileges.
- An elevation of privilege vulnerability in Windows Subsystem for Linux can be exploited remotely via specially crafted application to gain privileges.
- An information disclosure vulnerability in Remote Desktop Web Access can be exploited remotely via to obtain sensitive information.
- A denial of service vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely via specially crafted requests to cause denial of service.
- An information disclosure vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to obtain sensitive information.
- A remote code execution vulnerability in Remote Desktop Client can be exploited remotely via to execute arbitrary code.
- A denial of service vulnerability in Microsoft Windows can be exploited remotely via specially crafted application to cause denial of service.
- A denial of service vulnerability in Hyper-V can be exploited remotely via specially crafted application to cause denial of service.
- An elevation of privilege vulnerability in Update Notification Manager can be exploited remotely via specially crafted application to gain privileges.
Technical details
(8) CVE-2020-0601 The certificate validation vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. It could allow an adversary to spoof a code-signing or TLS certificate and have it appear as valid, in addition this vulnerability may allow remote code execution. This Microsoft security patch also creates a new log event with event ID 1 in the Windows Application event log to record the attempted exploitation of this vulnerability.
Original advisories
- CVE-2020-0608
- CVE-2020-0625
- CVE-2020-0624
- CVE-2020-0623
- CVE-2020-0622
- CVE-2020-0621
- CVE-2020-0620
- CVE-2020-0601
- CVE-2020-0629
- CVE-2020-0628
- CVE-2020-0644
- CVE-2020-0641
- CVE-2020-0643
- CVE-2020-0642
- CVE-2020-0607
- CVE-2020-0630
- CVE-2020-0631
- CVE-2020-0632
- CVE-2020-0633
- CVE-2020-0634
- CVE-2020-0635
- CVE-2020-0636
- CVE-2020-0637
- CVE-2020-0612
- CVE-2020-0639
- CVE-2020-0610
- CVE-2020-0611
- CVE-2020-0616
- CVE-2020-0617
- CVE-2020-0614
- CVE-2020-0615
- CVE-2020-0627
- CVE-2020-0626
- CVE-2020-0613
- CVE-2020-0638
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2020-0609 critical
- CVE-2020-0608 high
- CVE-2020-0625 critical
- CVE-2020-0624 critical
- CVE-2020-0623 critical
- CVE-2020-0622 high
- CVE-2020-0621 warning
- CVE-2020-0620 critical
- CVE-2020-0601 critical
- CVE-2020-0629 critical
- CVE-2020-0628 critical
- CVE-2020-0644 critical
- CVE-2020-0641 critical
- CVE-2020-0643 high
- CVE-2020-0642 critical
- CVE-2020-0607 high
- CVE-2020-0630 critical
- CVE-2020-0631 critical
- CVE-2020-0632 critical
- CVE-2020-0633 critical
- CVE-2020-0634 critical
- CVE-2020-0635 critical
- CVE-2020-0636 critical
- CVE-2020-0637 high
- CVE-2020-0612 critical
- CVE-2020-0639 high
- CVE-2020-0610 critical
- CVE-2020-0611 critical
- CVE-2020-0616 high
- CVE-2020-0617 high
- CVE-2020-0614 critical
- CVE-2020-0615 high
- CVE-2020-0627 critical
- CVE-2020-0626 critical
- CVE-2020-0613 critical
- CVE-2020-0638 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com