Kaspersky Threats — No se encontró la página que estás buscando.<br>Pero puedes ver nuestras últimas vulnerabilidades y amenazas descritas.

Descripción

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Group Policy Services Policy Processing can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows CNG Key Isolation Service can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Modules Installer can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
A remote code execution vulnerability in Hyper-V RemoteFX vGPU can be exploited remotely via specially crafted application to execute arbitrary code.
An elevation of privilege vulnerability in Windows Profile Service can be exploited remotely via specially crafted application to gain privileges.
A denial of service vulnerability in Local Security Authority Subsystem Service can be exploited remotely via specially crafted authentication to cause denial of service.
An elevation of privilege vulnerability in Windows Event Logging Service can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows UPnP Device Host can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Network Connections Service can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted website to execute arbitrary code.
A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
An elevation of privilege vulnerability in Windows Network Location Awareness Service can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Windows Font Library can be exploited remotely via specially crafted fonts to execute arbitrary code.
An elevation of privilege vulnerability in Windows ALPC can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Windows Imaging Component can be exploited remotely via specially crafted website to obtain sensitive information.
An elevation of privilege vulnerability in Windows Network Connections Service can be exploited to gain privileges.
A remote code execution vulnerability in Windows DNS Server can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Microsoft Graphics Component can be exploited remotely via specially crafted application to obtain sensitive information.
A remote code execution vulnerability in Windows Address Book can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Function Discovery Service can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
A remote code execution vulnerability in Windows Jet Database Enginecan be exploited via specially crafted file to execute arbitrary code.
An elevation of privilege vulnerability in Windows ActiveX Installer Service can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in VBScript can be exploited remotely via specially crafted website to execute arbitrary code.
An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
A remote code execution vulnerability in Microsoft Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
A remote code execution vulnerability in DirectWrite can be exploited remotely via specially crafted document to execute arbitrary code.
A remote code execution vulnerability in LNK can be exploited remotely to execute arbitrary code.

Notas informativas originales

CVE-2020-1333
CVE-2020-1384
CVE-2020-1346
CVE-2020-1389
CVE-2020-1032
CVE-2020-1036
CVE-2020-1360
CVE-2020-1267
CVE-2020-1365
CVE-2020-1354
CVE-2020-1419
CVE-2020-1438
CVE-2020-1435
CVE-2020-1412
CVE-2020-1437
CVE-2020-1436
CVE-2020-1430
CVE-2020-1428
CVE-2020-1396
CVE-2020-1397
CVE-2020-1390
CVE-2020-1359
CVE-2020-1371
CVE-2020-1350
CVE-2020-1351
CVE-2020-1040
CVE-2020-1041
CVE-2020-1042
CVE-2020-1043
CVE-2020-1373
CVE-2020-1410
CVE-2020-1374
CVE-2020-1085
CVE-2020-1407
CVE-2020-1400
CVE-2020-1401
CVE-2020-1402
CVE-2020-1403
CVE-2020-1427
CVE-2020-1468
CVE-2020-1408
CVE-2020-1409
CVE-2020-1421
ADV200008

Explotación

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Productos relacionados

Lista CVE

CVE-2020-1403
critical
CVE-2020-1333
high
CVE-2020-1384
critical
CVE-2020-1346
critical
CVE-2020-1389
high
CVE-2020-1032
critical
CVE-2020-1036
critical
CVE-2020-1360
critical
CVE-2020-1267
warning
CVE-2020-1365
critical
CVE-2020-1354
critical
CVE-2020-1419
high
CVE-2020-1438
critical
CVE-2020-1435
critical
CVE-2020-1412
critical
CVE-2020-1437
critical
CVE-2020-1436
critical
CVE-2020-1430
critical
CVE-2020-1428
critical
CVE-2020-1396
critical
CVE-2020-1397
high
CVE-2020-1390
critical
CVE-2020-1359
critical
CVE-2020-1371
critical
CVE-2020-1350
critical
CVE-2020-1351
high
CVE-2020-1040
critical
CVE-2020-1041
critical
CVE-2020-1042
critical
CVE-2020-1043
critical
CVE-2020-1373
critical
CVE-2020-1410
critical
CVE-2020-1374
critical
CVE-2020-1085
critical
CVE-2020-1407
critical
CVE-2020-1400
critical
CVE-2020-1401
critical
CVE-2020-1402
critical
CVE-2020-1427
critical
CVE-2020-1468
high
CVE-2020-1408
critical
CVE-2020-1409
critical
CVE-2020-1421
critical

Lista KB

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com

¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!