KLA11747
Multiple vulnerabilities in Mycrosoft System Center
Обновлено: 22/05/2020
Дата обнаружения
14/04/2020
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Mycrosoft System Center. Malicious users can exploit these vulnerabilities to gain privileges.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Microsoft Defender can be exploited remotely via specially crafted command to gain privileges.
  2. An elevation of privilege vulnerability in Windows Defender Antimalware Platform Hard Link can be exploited remotely via specially crafted application to gain privileges.
Пораженные продукты

Microsoft System Center Endpoint Protection
Microsoft Security Essentials
Microsoft System Center 2012 Endpoint Protection
Windows Defender
Windows Defender antimalware platform
Microsoft System Center 2012 R2 Endpoint Protection
Microsoft Forefront Endpoint Protection 2010

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2020-1002
CVE-2020-0835
Оказываемое влияние
?
PE 
[?]
Связанные продукты
Microsoft Windows
Windows Defender
CVE-IDS
CVE-2020-10020.0Unknown
CVE-2020-08350.0Unknown
Microsoft official advisories
Microsoft Security Update Guide