Descripción
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows Remote Access can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows NDIS can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Kernel Local can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows KernelStream can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Network File System can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Print Spooler can be exploited remotely to execute arbitrary code.
- A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Remote Desktop Protocol Server can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Port Class Library can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Canonical Display Driver can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows GDI+ can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Function Discovery SSDP Provider can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Graphics Component can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Kerberos KDC can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Client Side Rendering Print Provider can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Network File System can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows Hyper-V can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Print Configuration can be exploited remotely to gain privileges.
Notas informativas originales
- CVE-2020-17069
- CVE-2020-17087
- CVE-2020-17088
- CVE-2020-17045
- CVE-2020-17051
- CVE-2020-17047
- CVE-2020-17042
- CVE-2020-1599
- CVE-2020-17044
- CVE-2020-16997
- CVE-2020-17014
- CVE-2020-17038
- CVE-2020-17011
- CVE-2020-17029
- CVE-2020-17000
- CVE-2020-17001
- CVE-2020-17068
- CVE-2020-17036
- CVE-2020-17004
- CVE-2020-17049
- CVE-2020-17034
- CVE-2020-17026
- CVE-2020-17027
- CVE-2020-17055
- CVE-2020-17024
- CVE-2020-17032
- CVE-2020-17056
- CVE-2020-17025
- CVE-2020-17033
- CVE-2020-17040
- CVE-2020-17028
- CVE-2020-17041
- CVE-2020-17031
Explotación
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Productos relacionados
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
Lista CVE
- CVE-2020-17043 critical
- CVE-2020-17069 high
- CVE-2020-17087 critical
- CVE-2020-17088 critical
- CVE-2020-17045 high
- CVE-2020-17051 critical
- CVE-2020-17047 critical
- CVE-2020-17042 critical
- CVE-2020-1599 high
- CVE-2020-17044 critical
- CVE-2020-16997 critical
- CVE-2020-17014 critical
- CVE-2020-17038 critical
- CVE-2020-17011 critical
- CVE-2020-17029 high
- CVE-2020-17000 high
- CVE-2020-17001 critical
- CVE-2020-17068 critical
- CVE-2020-17036 high
- CVE-2020-17004 high
- CVE-2020-17049 high
- CVE-2020-17040 critical
- CVE-2020-17041 critical
- CVE-2020-17026 critical
- CVE-2020-17028 critical
- CVE-2020-17024 critical
- CVE-2020-17025 critical
- CVE-2020-17034 critical
- CVE-2020-17033 critical
- CVE-2020-17027 critical
- CVE-2020-17056 high
- CVE-2020-17055 critical
- CVE-2020-17031 critical
- CVE-2020-17032 critical
Lista KB
- 4586827
- 4586834
- 4586845
- 4586817
- 4586805
- 4586807
- 4586808
- 4586823
- 4598278
- 4598297
- 5004302
- 5004294
- 5004298
- 5004285
- 5004289
- 5004307
- 5004299
- 5004305
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!