Kaspersky Threats

Описание

Multiple vulnerabilities were fixed in Microsoft Extended Security Updates. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows User Profile Service can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted application to obtain sensitive information.
An elevation of privilege vulnerability in Windows Backup Service can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Windows Key Isolation Service can be exploited remotely via specially crafted application to obtain sensitive information.
An information disclosure vulnerability in Windows Network Driver Interface Specification (NDIS) can be exploited remotely via specially crafted application to obtain sensitive information.
An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Windows can be exploited remotely via specially crafted request to execute arbitrary code.
An elevation of privilege vulnerability in Windows Search Indexer can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Active Directory can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Function Discovery Service can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Installer can be exploited remotely via specially crafted application to gain privileges.
An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
A remote code execution vulnerability in Windows Imaging Library can be exploited remotely via specially crafted file to execute arbitrary code.
An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to gain privileges.
A memory corruption vulnerability in Media Foundation can be exploited remotely via specially crafted document to execute arbitrary code.
An elevation of privilege vulnerability in Windows Error Reporting Manager can be exploited remotely via specially crafted application to gain privileges.
A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
An elevation of privilege vulnerability in Windows Error Reporting can be exploited remotely via specially crafted application to gain privileges.
A remote code execution vulnerability in Remote Desktop Services can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Windows Common Log File System Driver can be exploited remotely via specially crafted application to obtain sensitive information.
A remote code execution vulnerability in LNK can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Windows can be exploited remotely via specially crafted application to obtain sensitive information.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

CVE-2020-0730
high
CVE-2020-0703
critical
CVE-2020-0729
critical
CVE-2020-0705
high
CVE-2020-0722
critical
CVE-2020-0723
critical
CVE-2020-0720
critical
CVE-2020-0721
critical
CVE-2020-0726
critical
CVE-2020-0724
critical
CVE-2020-0725
critical
CVE-2020-0662
critical
CVE-2020-0667
critical
CVE-2020-0666
critical
CVE-2020-0665
critical
CVE-2020-0668
critical
CVE-2020-0734
critical
CVE-2020-0681
critical
CVE-2020-0680
critical
CVE-2020-0683
critical
CVE-2020-0682
critical
CVE-2020-0686
critical
CVE-2020-0708
critical
CVE-2020-0657
critical
CVE-2020-0719
critical
CVE-2020-0715
critical
CVE-2020-0678
critical
CVE-2020-0731
critical
CVE-2020-0675
high
CVE-2020-0676
high
CVE-2020-0677
high
CVE-2020-0737
critical
CVE-2020-0736
high
CVE-2020-0753
critical
CVE-2020-0752
critical
CVE-2020-0655
critical
CVE-2020-0756
high
CVE-2020-0755
high
CVE-2020-0738
critical
CVE-2020-0735
critical
CVE-2020-0754
critical
CVE-2020-0658
high
CVE-2020-0744
high
CVE-2020-0691
critical
CVE-2020-0748
high
CVE-2020-0698
high
CVE-2020-0745
critical
CVE-2020-0674
critical
CVE-2020-0673
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!