Kaspersky Threats

Detect date

?

12/08/2020

Severity

?

Critical

Description

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Backup Engine can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows SMB can be exploited remotely to obtain sensitive information.
A security feature bypass vulnerability in Windows Lock Screen can be exploited remotely to bypass security restrictions.
An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges.
A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Hyper-V can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Windows Error Reporting can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Windows Network Connections Service can be exploited remotely to gain privileges.
A security feature bypass vulnerability in Windows Overlay Filter can be exploited remotely to bypass security restrictions.
An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.
A security feature bypass vulnerability in Kerberos can be exploited remotely to bypass security restrictions.

Affected products

Windows Server, version 2004 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2012
Windows Server 2012 R2 (Server Core installation)
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2016
Windows Server 2019 (Server Core installation)
Windows 10 Version 20H2 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows 10 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1607 for x64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows RT 8.1
Windows 10 Version 1803 for 32-bit Systems
Windows Server 2016 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2019
Windows 10 Version 1909 for 32-bit Systems
Windows 8.1 for x64-based systems
Windows 10 Version 2004 for ARM64-based Systems
Windows 10 Version 1903 for 32-bit Systems
Windows 10 for 32-bit Systems
Windows 10 Version 2004 for x64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2012 R2
Windows Server, version 1903 (Server Core installation)
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2020-17103
CVE-2020-16964
CVE-2020-16960
CVE-2020-17140
CVE-2020-16962
CVE-2020-16963
CVE-2020-16961
CVE-2020-17099
CVE-2020-17098
CVE-2020-17097
CVE-2020-17096
CVE-2020-17095
CVE-2020-17094
CVE-2020-17092
CVE-2020-17138
CVE-2020-17139
CVE-2020-17134
CVE-2020-17136
CVE-2020-17137
CVE-2020-16996
CVE-2020-16959
CVE-2020-16958
ADV200013

Impacts

?

ACE

[?]

OSI

[?]

SB

[?]

PE

[?]

Detect date ?	12/08/2020
Severity ?	Critical
Description	Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges. An elevation of privilege vulnerability in Windows Backup Engine can be exploited remotely to gain privileges. An information disclosure vulnerability in Windows SMB can be exploited remotely to obtain sensitive information. A security feature bypass vulnerability in Windows Lock Screen can be exploited remotely to bypass security restrictions. An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information. An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges. A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code. A remote code execution vulnerability in Hyper-V can be exploited remotely to execute arbitrary code. An information disclosure vulnerability in Windows Error Reporting can be exploited remotely to obtain sensitive information. An elevation of privilege vulnerability in Windows Network Connections Service can be exploited remotely to gain privileges. A security feature bypass vulnerability in Windows Overlay Filter can be exploited remotely to bypass security restrictions. An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges. A security feature bypass vulnerability in Kerberos can be exploited remotely to bypass security restrictions.
Affected products	Windows Server, version 2004 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 R2 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows 10 Version 1607 for 32-bit Systems Windows Server 2016 Windows Server 2019 (Server Core installation) Windows 10 Version 20H2 for 32-bit Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 8.1 for 32-bit systems Windows 10 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1607 for x64-based Systems Windows 7 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 10 Version 1803 for 32-bit Systems Windows Server 2016 (Server Core installation) Windows Server 2012 (Server Core installation) Windows Server 2019 Windows 10 Version 1909 for 32-bit Systems Windows 8.1 for x64-based systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2012 R2 Windows Server, version 1903 (Server Core installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 20H2 (Server Core Installation)
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2020-17103 CVE-2020-16964 CVE-2020-16960 CVE-2020-17140 CVE-2020-16962 CVE-2020-16963 CVE-2020-16961 CVE-2020-17099 CVE-2020-17098 CVE-2020-17097 CVE-2020-17096 CVE-2020-17095 CVE-2020-17094 CVE-2020-17092 CVE-2020-17138 CVE-2020-17139 CVE-2020-17134 CVE-2020-17136 CVE-2020-17137 CVE-2020-16996 CVE-2020-16959 CVE-2020-16958 ADV200013
Impacts ?	ACE [?] OSI [?] SB [?] PE [?]
Related products	Microsoft Windows Microsoft Windows Server Microsoft Windows Server 2012 Microsoft Windows 8 Microsoft Windows 7 Microsoft Windows Server 2008 Windows RT Microsoft Windows 10
CVE-IDS ?	CVE-2020-171037.2High CVE-2020-169647.2High CVE-2020-169607.2High CVE-2020-171404.0Warning CVE-2020-169627.2High CVE-2020-169637.2High CVE-2020-169617.2High CVE-2020-170994.6Warning CVE-2020-170982.1Warning CVE-2020-170974.6Warning CVE-2020-170969.0Critical CVE-2020-170959.0Critical CVE-2020-170942.1Warning CVE-2020-170927.2High CVE-2020-171382.1Warning CVE-2020-171394.6Warning CVE-2020-171344.6Warning CVE-2020-171364.6Warning CVE-2020-171374.6Warning CVE-2020-169964.0Warning CVE-2020-169597.2High CVE-2020-169587.2High
KB list	4592449 4592440 4592438 4592484 4593226 4592495 4592497 4592446 4592464 4592468 5000822 5000847 5000808 5000803 5000848 5000802 5000853 5000840
Microsoft official advisories	Microsoft Security Update Guide
	Find out the statistics of the vulnerabilities spreading in your region

KLA12024Multiple vulnerabilities in Microsoft Windows

KLA12024
Multiple vulnerabilities in Microsoft Windows