Searching
..

Click anywhere to stop

KLA11929
Multiple vulnerabilities in Microsoft Products (ESU)

Обновлено: 21/03/2024
Дата обнаружения
11/08/2020
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, obtain sensitive information, spoof user interface.

Below is a complete list of vulnerabilities:

  1. A memory corruption vulnerability in Media Foundation can be exploited remotely via specially crafted document to execute arbitrary code.
  2. An elevation of privilege vulnerability in Windows Remote Access can be exploited remotely via specially crafted application to gain privileges.
  3. An information disclosure vulnerability in Windows RRAS Service can be exploited remotely via specially crafted application to obtain sensitive information.
  4. An elevation of privilege vulnerability in Windows Server Resource Management Service can be exploited remotely via specially crafted application to gain privileges.
  5. An elevation of privilege vulnerability in Windows Backup Engine can be exploited remotely via specially crafted application to gain privileges.
  6. An elevation of privilege vulnerability in Windows Function Discovery SSDP Provider can be exploited remotely via specially crafted application to gain privileges.
  7. An elevation of privilege vulnerability in Windows Work Folders Service can be exploited remotely via specially crafted application to gain privileges.
  8. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  9. An information disclosure vulnerability in DirectWrite can be exploited remotely via specially crafted document to obtain sensitive information.
  10. An elevation of privilege vulnerability in Windows Work Folder Service can be exploited remotely via specially crafted application to gain privileges.
  11. A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
  12. An information disclosure vulnerability in Windows Image Acquisition Service can be exploited remotely via specially crafted application to obtain sensitive information.
  13. An elevation of privilege vulnerability in Windows File Server Resource Management Service can be exploited remotely via specially crafted application to gain privileges.
  14. An elevation of privilege vulnerability in Windows UPnP Device Host can be exploited remotely via specially crafted application to gain privileges.
  15. An elevation of privilege vulnerability in Windows Telephony Server can be exploited remotely via specially crafted application to gain privileges.
  16. An elevation of privilege vulnerability in Netlogon can be exploited remotely via specially crafted application to gain privileges.
  17. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
  18. An elevation of privilege vulnerability in Windows GDI can be exploited remotely via specially crafted application to gain privileges.
  19. An elevation of privilege vulnerability in Windows dnsrslvr.dll can be exploited remotely via specially crafted application to gain privileges.
  20. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely via specially crafted application to gain privileges.
  21. An elevation of privilege vulnerability in Windows Registry can be exploited remotely via specially crafted application to gain privileges.
  22. A remote code execution vulnerability in Windows Media can be exploited remotely via specially crafted document to execute arbitrary code.
  23. A remote code execution vulnerability in MSHTML Engine can be exploited remotely via specially crafted file to execute arbitrary code.
  24. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely via specially crafted script to gain privileges.
  25. A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
  26. An elevation of privilege vulnerability in Windows CSC Service can be exploited remotely via specially crafted application to gain privileges.
  27. An elevation of privilege vulnerability in Windows Backup Service can be exploited remotely via specially crafted application to gain privileges.
  28. An elevation of privilege vulnerability in Windows Hard Link can be exploited remotely via specially crafted application to gain privileges.
  29. A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
  30. A remote code execution vulnerability in Windows Font Driver Host can be exploited remotely to execute arbitrary code.
  31. An elevation of privilege vulnerability can be exploited remotely via specially crafted application to gain privileges.
  32. A memory corruption vulnerability can be exploited remotely to execute arbitrary code.
  33. An elevation of privilege vulnerability in Windows AppX Deployment Extensions can be exploited remotely via specially crafted application to gain privileges.
  34. A denial of service vulnerability in Windows Remote Desktop Gateway can be exploited remotely via specially crafted file to cause denial of service.
  35. Information disclosure vulnerability in Media Foundation can be exploited to obtain sensitive information.
  36. An elevation of privilege vulnerability in Local Security Authority Subsystem Service can be exploited remotely via specially crafted application to gain privileges.
Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Пораженные продукты

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Internet Explorer 9
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012 R2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2012 R2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows 7 for x64-based Systems Service Pack 1
Windows 7 for 32-bit Systems Service Pack 1

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2020-1379
CVE-2020-1537
CVE-2020-1383
CVE-2020-1475
CVE-2020-1545
CVE-2020-1579
CVE-2020-1470
CVE-2020-1570
CVE-2020-1536
CVE-2020-1577
CVE-2020-1552
CVE-2020-1535
CVE-2020-1473
CVE-2020-1551
CVE-2020-1530
CVE-2020-1474
CVE-2020-1518
CVE-2020-1519
CVE-2020-1516
CVE-2020-1478
CVE-2020-1558
CVE-2020-1515
CVE-2020-1538
CVE-2020-1539
CVE-2020-1557
CVE-2020-1554
CVE-2020-1472
CVE-2020-1517
CVE-2020-1484
CVE-2020-1485
CVE-2020-1486
CVE-2020-1544
CVE-2020-1529
CVE-2020-1584
CVE-2020-1587
CVE-2020-1377
CVE-2020-1477
CVE-2020-1339
CVE-2020-1567
CVE-2020-1337
CVE-2020-1378
CVE-2020-1564
CVE-2020-1562
CVE-2020-1513
CVE-2020-1541
CVE-2020-1540
CVE-2020-1543
CVE-2020-1542
CVE-2020-1534
CVE-2020-1467
CVE-2020-1464
CVE-2020-1546
CVE-2020-1547
CVE-2020-1520
CVE-2020-1489
CVE-2020-1565
CVE-2020-1492
CVE-2020-1488
CVE-2020-1466
CVE-2020-1487
CVE-2020-1509
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]

SUI 
[?]
Связанные продукты
Microsoft Internet Explorer
Microsoft Windows
Microsoft Windows Server
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows Server 2008
CVE-IDS
CVE-2020-14887.0High
CVE-2020-13795.5High
CVE-2020-15377.8Critical
CVE-2020-13835.5High
CVE-2020-14757.8Critical
CVE-2020-15457.8Critical
CVE-2020-15797.8Critical
CVE-2020-14707.8Critical
CVE-2020-15707.5Critical
CVE-2020-15367.8Critical
CVE-2020-15777.8Critical
CVE-2020-15528.0Critical
CVE-2020-15357.8Critical
CVE-2020-14737.0High
CVE-2020-15517.8Critical
CVE-2020-15307.8Critical
CVE-2020-14747.8Critical
CVE-2020-15187.8Critical
CVE-2020-15197.8Critical
CVE-2020-15167.8Critical
CVE-2020-14787.8Critical
CVE-2020-15587.8Critical
CVE-2020-15157.8Critical
CVE-2020-15387.8Critical
CVE-2020-15397.8Critical
CVE-2020-15577.3High
CVE-2020-15547.8Critical
CVE-2020-14725.5High
CVE-2020-15177.8Critical
CVE-2020-14847.8Critical
CVE-2020-14855.5High
CVE-2020-14867.8Critical
CVE-2020-15447.8Critical
CVE-2020-15297.8Critical
CVE-2020-15847.8Critical
CVE-2020-15877.8Critical
CVE-2020-13777.8Critical
CVE-2020-14777.0High
CVE-2020-13397.8Critical
CVE-2020-15674.2Warning
CVE-2020-13377.8Critical
CVE-2020-13787.5Critical
CVE-2020-15647.8Critical
CVE-2020-15627.8Critical
CVE-2020-15137.8Critical
CVE-2020-15417.8Critical
CVE-2020-15407.8Critical
CVE-2020-15437.8Critical
CVE-2020-15427.8Critical
CVE-2020-15347.8Critical
CVE-2020-14647.8Critical
CVE-2020-15467.8Critical
CVE-2020-15477.8Critical
CVE-2020-15207.8Critical
CVE-2020-14897.8Critical
CVE-2020-14927.8Critical
CVE-2020-14877.8Critical
CVE-2020-15657.5Critical
CVE-2020-15097.8Critical
CVE-2020-14667.8Critical
KB list

4571729
4571687
4571719
4571730
4571746
4571723
4571703
4571702
4571736
4578013
4601347
4601363
4601357
4601348
4601384
4601349