KLA11811
Multiple vulnerabilities in Microsoft System Center
Updated: 06/11/2020
Detect date
?
06/09/2020
Severity
?
High
Description

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Microsoft Windows Defender can be exploited remotely via specially crafted application to gain privileges.
  2. A spoofing vulnerability in System Center Operations Manager can be exploited remotely via specially crafted web to spoof user interface.
Affected products

Microsoft System Center Endpoint Protection
Windows Defender
System Center 2016 Operations Manager
Microsoft Security Essentials
Microsoft Forefront Endpoint Protection 2010
Microsoft System Center 2012 Endpoint Protection
Microsoft System Center 2012 R2 Endpoint Protection

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2020-1163
CVE-2020-1170
CVE-2020-1331

Impacts
?
PE 
[?]

SUI 
[?]
Related products
Microsoft System Center Operations Manager
CVE-IDS
?
CVE-2020-11630.0Unknown
CVE-2020-11700.0Unknown
CVE-2020-13310.0Unknown
KB list

4566040