Kaspersky Threats

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface.

Below is a complete list of vulnerabilities:

A memory corruption vulnerability in Media Foundation can be exploited remotely via specially crafted document to execute arbitrary code.
An elevation of privilege vulnerability in Windows Remote Access can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Windows RRAS Service can be exploited remotely via specially crafted application to obtain sensitive information.
An elevation of privilege vulnerability in Windows Server Resource Management Service can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Backup Engine can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Function Discovery SSDP Provider can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Work Folders Service can be exploited remotely via specially crafted application to gain privileges.
A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
An information disclosure vulnerability in DirectWrite can be exploited remotely via specially crafted document to obtain sensitive information.
An elevation of privilege vulnerability in Windows Work Folder Service can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
An information disclosure vulnerability in Windows Image Acquisition Service can be exploited remotely via specially crafted application to obtain sensitive information.
An elevation of privilege vulnerability in Windows File Server Resource Management Service can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows UPnP Device Host can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Telephony Server can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Netlogon can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows GDI can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows dnsrslvr.dll can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Registry can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Windows Media can be exploited remotely via specially crafted document to execute arbitrary code.
A remote code execution vulnerability in MSHTML Engine can be exploited remotely via specially crafted file to execute arbitrary code.
An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely via specially crafted script to gain privileges.
A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
An elevation of privilege vulnerability in Windows CSC Service can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Backup Service can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Hard Link can be exploited remotely via specially crafted application to gain privileges.
A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
A remote code execution vulnerability in Windows Font Driver Host can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability can be exploited remotely via specially crafted application to gain privileges.
A memory corruption vulnerability can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows AppX Deployment Extensions can be exploited remotely via specially crafted application to gain privileges.
A denial of service vulnerability in Windows Remote Desktop Gateway can be exploited remotely via specially crafted file to cause denial of service.
Information disclosure vulnerability in Media Foundation can be exploited to obtain sensitive information.
An elevation of privilege vulnerability in Local Security Authority Subsystem Service can be exploited remotely via specially crafted application to gain privileges.

Original advisories

CVE-2020-1379
CVE-2020-1537
CVE-2020-1383
CVE-2020-1475
CVE-2020-1545
CVE-2020-1579
CVE-2020-1470
CVE-2020-1570
CVE-2020-1536
CVE-2020-1577
CVE-2020-1552
CVE-2020-1535
CVE-2020-1473
CVE-2020-1551
CVE-2020-1530
CVE-2020-1474
CVE-2020-1518
CVE-2020-1519
CVE-2020-1516
CVE-2020-1478
CVE-2020-1558
CVE-2020-1515
CVE-2020-1538
CVE-2020-1539
CVE-2020-1557
CVE-2020-1554
CVE-2020-1472
CVE-2020-1517
CVE-2020-1484
CVE-2020-1485
CVE-2020-1486
CVE-2020-1544
CVE-2020-1529
CVE-2020-1584
CVE-2020-1587
CVE-2020-1377
CVE-2020-1477
CVE-2020-1339
CVE-2020-1567
CVE-2020-1337
CVE-2020-1378
CVE-2020-1564
CVE-2020-1562
CVE-2020-1513
CVE-2020-1541
CVE-2020-1540
CVE-2020-1543
CVE-2020-1542
CVE-2020-1534
CVE-2020-1467
CVE-2020-1464
CVE-2020-1546
CVE-2020-1547
CVE-2020-1520
CVE-2020-1489
CVE-2020-1565
CVE-2020-1492
CVE-2020-1488
CVE-2020-1466
CVE-2020-1487
CVE-2020-1509

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

CVE list

CVE-2020-1488
high
CVE-2020-1379
high
CVE-2020-1537
critical
CVE-2020-1383
high
CVE-2020-1475
critical
CVE-2020-1545
critical
CVE-2020-1579
critical
CVE-2020-1470
critical
CVE-2020-1570
critical
CVE-2020-1536
critical
CVE-2020-1577
critical
CVE-2020-1552
critical
CVE-2020-1535
critical
CVE-2020-1473
high
CVE-2020-1551
critical
CVE-2020-1530
critical
CVE-2020-1474
critical
CVE-2020-1518
critical
CVE-2020-1519
critical
CVE-2020-1516
critical
CVE-2020-1478
critical
CVE-2020-1558
critical
CVE-2020-1515
critical
CVE-2020-1538
critical
CVE-2020-1539
critical
CVE-2020-1557
high
CVE-2020-1554
critical
CVE-2020-1472
high
CVE-2020-1517
critical
CVE-2020-1484
critical
CVE-2020-1485
high
CVE-2020-1486
critical
CVE-2020-1544
critical
CVE-2020-1529
critical
CVE-2020-1584
critical
CVE-2020-1587
critical
CVE-2020-1377
critical
CVE-2020-1477
high
CVE-2020-1339
critical
CVE-2020-1567
warning
CVE-2020-1337
critical
CVE-2020-1378
critical
CVE-2020-1564
critical
CVE-2020-1562
critical
CVE-2020-1513
critical
CVE-2020-1541
critical
CVE-2020-1540
critical
CVE-2020-1543
critical
CVE-2020-1542
critical
CVE-2020-1534
critical
CVE-2020-1467
critical
CVE-2020-1464
critical
CVE-2020-1546
critical
CVE-2020-1547
critical
CVE-2020-1520
critical
CVE-2020-1489
critical
CVE-2020-1492
critical
CVE-2020-1487
critical
CVE-2020-1565
critical
CVE-2020-1509
critical
CVE-2020-1466
critical

KB list

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Multiple vulnerabilities in Microsoft Products (ESU)