KLA11811
Multiple vulnerabilities in Microsoft System Center

Обновлено: 11/06/2020
Дата обнаружения
09/06/2020
Уровень угрозы
High
Описание

Multiple vulnerabilities were found in Microsoft System Center. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Microsoft Windows Defender can be exploited remotely via specially crafted application to gain privileges.
  2. A spoofing vulnerability in System Center Operations Manager can be exploited remotely via specially crafted web to spoof user interface.
Пораженные продукты

Microsoft System Center Endpoint Protection
Windows Defender
System Center 2016 Operations Manager
Microsoft Security Essentials
Microsoft Forefront Endpoint Protection 2010
Microsoft System Center 2012 Endpoint Protection
Microsoft System Center 2012 R2 Endpoint Protection

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2020-1163
CVE-2020-1170
CVE-2020-1331
Оказываемое влияние
?
PE 
[?]

SUI 
[?]
Связанные продукты
Microsoft System Center Operations Manager
CVE-IDS
KB list

4566040