KLA11977
Multiple vulnerabilities in Microsoft Windows
Обновлено: 19/10/2020
Дата обнаружения
13/10/2020
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
  2. An information disclosure vulnerability in Windows KernelStream can be exploited remotely via specially crafted application to obtain sensitive information.
  3. An elevation of privilege vulnerability in Windows Network Connections Service can be exploited remotely via specially crafted application to gain privileges.
  4. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
  5. An elevation of privilege vulnerability in Windows Storage VSP Driver can be exploited remotely via specially crafted application to gain privileges.
  6. A remote code execution vulnerability in Windows TCP/IP can be exploited remotely via specially crafted to execute arbitrary code.
  7. A remote code execution vulnerability in Windows Camera Codec Pack can be exploited remotely via specially crafted file to execute arbitrary code.
  8. An elevation of privilege vulnerability in Group Policy can be exploited remotely via specially crafted application to gain privileges.
  9. An elevation of privilege vulnerability in Windows iSCSI Target Service can be exploited remotely via specially crafted application to gain privileges.
  10. An elevation of privilege vulnerability in Windows Backup Service can be exploited remotely via specially crafted application to gain privileges.
  11. An elevation of privilege vulnerability in Windows Application Compatibility Client Library can be exploited remotely via specially crafted application to gain privileges.
  12. An information disclosure vulnerability in Windows Enterprise App Management Service can be exploited remotely to obtain sensitive information.
  13. An elevation of privilege vulnerability in Windows — User Profile Service can be exploited remotely via specially crafted application to gain privileges.
  14. An elevation of privilege vulnerability in Windows Setup can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in Windows Error Reporting can be exploited remotely via specially crafted application to gain privileges.
  16. An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
  17. A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
  18. A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
  19. A denial of service vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to cause denial of service.
  20. An elevation of privilege vulnerability in Windows Event System can be exploited remotely via specially crafted application to gain privileges.
  21. A denial of service vulnerability in Windows Remote Desktop Protocol (RDP) can be exploited remotely via specially crafted requests to cause denial of service.
  22. An elevation of privilege vulnerability in Windows Storage Services can be exploited remotely via specially crafted application to gain privileges.
  23. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
  24. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
  25. An elevation of privilege vulnerability in Windows Image can be exploited remotely via specially crafted application to gain privileges.
  26. A remote code execution vulnerability in Windows NAT can be exploited remotely via specially crafted application to execute arbitrary code.
  27. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
  28. An information disclosure vulnerability in Windows Remote Desktop Protocol (RDP) can be exploited remotely via specially crafted requests to obtain sensitive information.
  29. An information disclosure vulnerability in NetBT can be exploited remotely via specially crafted application to obtain sensitive information.
  30. A denial of service vulnerability in Windows TCP/IP can be exploited remotely via specially crafted to cause denial of service.
  31. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
  32. An elevation of privilege vulnerability in Windows COM Server can be exploited remotely via specially crafted application to gain privileges.
  33. An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
  34. An information disclosure vulnerability in Windows GDI+ can be exploited remotely via specially crafted application to obtain sensitive information.
  35. A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted website to execute arbitrary code.
  36. A security feature bypass vulnerability in Windows can be exploited remotely via specially crafted application to bypass security restrictions.
  37. A memory corruption vulnerability in Media Foundation can be exploited remotely via specially crafted document to execute arbitrary code.
  38. An information disclosure vulnerability in Windows Text Services Framework can be exploited remotely via specially crafted file to obtain sensitive information.
  39. An elevation of privilege vulnerability in Windows Error Reporting Manager can be exploited remotely via specially crafted application to gain privileges.
Пораженные продукты

Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 2004 for x64-based Systems
Windows 10 Version 1909 for ARM64-based Systems
Windows Server, version 1903 (Server Core installation)
Windows Server 2012 (Server Core installation)
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 1909 for x64-based Systems
Windows 10 Version 1903 for ARM64-based Systems
Windows Server 2019 (Server Core installation)
Windows 10 for 32-bit Systems
Windows Server 2012 R2
Windows Server 2016 (Server Core installation)
Windows 10 Version 2004 for 32-bit Systems
Windows 10 Version 1803 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows RT 8.1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012 R2 (Server Core installation)
Windows 10 Version 2004 for ARM64-based Systems
Windows Server 2012
Windows Server 2016
Windows 8.1 for x64-based systems
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows 7 for x64-based Systems Service Pack 1
Windows 10 Version 1803 for ARM64-based Systems
Windows 10 Version 1709 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows 8.1 for 32-bit systems
Windows Server, version 2004 (Server Core installation)
Windows 10 Version 1903 for 32-bit Systems
Windows 10 Version 1709 for ARM64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1709 for x64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows Server, version 1909 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1909 for 32-bit Systems
Windows Server 2019

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2020-16923
CVE-2020-16889
CVE-2020-16887
CVE-2020-16902
CVE-2020-16885
CVE-2020-16898
CVE-2020-16968
CVE-2020-16939
CVE-2020-16980
CVE-2020-16972
CVE-2020-16967
CVE-2020-16876
CVE-2020-16919
CVE-2020-16940
CVE-2020-16908
CVE-2020-16909
CVE-2020-16920
CVE-2020-16907
CVE-2020-16922
CVE-2020-16905
CVE-2020-16924
CVE-2020-1243
CVE-2020-16900
CVE-2020-16927
CVE-2020-0764
CVE-2020-16890
CVE-2020-16891
CVE-2020-16892
CVE-2020-16894
CVE-2020-16901
CVE-2020-16896
CVE-2020-16897
CVE-2020-16973
CVE-2020-16899
CVE-2020-1047
CVE-2020-16976
CVE-2020-16975
CVE-2020-16974
CVE-2020-16936
CVE-2020-16935
CVE-2020-1167
CVE-2020-16877
CVE-2020-16912
CVE-2020-1080
CVE-2020-16914
CVE-2020-16916
CVE-2020-16911
CVE-2020-16910
CVE-2020-16913
CVE-2020-16938
CVE-2020-16915
CVE-2020-16921
CVE-2020-16895
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

DoS 
[?]

SB 
[?]

PE 
[?]

SUI 
[?]
Связанные продукты
Microsoft Windows
Microsoft Windows Server
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Server 2008
Windows RT
Microsoft Windows 10
CVE-IDS
CVE-2020-169230.0Unknown
CVE-2020-168890.0Unknown
CVE-2020-168870.0Unknown
CVE-2020-169020.0Unknown
CVE-2020-168850.0Unknown
CVE-2020-168980.0Unknown
CVE-2020-169680.0Unknown
CVE-2020-169390.0Unknown
CVE-2020-169800.0Unknown
CVE-2020-169720.0Unknown
CVE-2020-169670.0Unknown
CVE-2020-168760.0Unknown
CVE-2020-169190.0Unknown
CVE-2020-169400.0Unknown
CVE-2020-169080.0Unknown
CVE-2020-169090.0Unknown
CVE-2020-169200.0Unknown
CVE-2020-169070.0Unknown
CVE-2020-169220.0Unknown
CVE-2020-169050.0Unknown
CVE-2020-169240.0Unknown
CVE-2020-12430.0Unknown
CVE-2020-169000.0Unknown
CVE-2020-169270.0Unknown
CVE-2020-07640.0Unknown
CVE-2020-168900.0Unknown
CVE-2020-168910.0Unknown
CVE-2020-168920.0Unknown
CVE-2020-168940.0Unknown
CVE-2020-169010.0Unknown
CVE-2020-168960.0Unknown
CVE-2020-168970.0Unknown
CVE-2020-169730.0Unknown
CVE-2020-168990.0Unknown
CVE-2020-10470.0Unknown
CVE-2020-169760.0Unknown
CVE-2020-169750.0Unknown
CVE-2020-169740.0Unknown
CVE-2020-169360.0Unknown
CVE-2020-169350.0Unknown
CVE-2020-11670.0Unknown
CVE-2020-168770.0Unknown
CVE-2020-169120.0Unknown
CVE-2020-10800.0Unknown
CVE-2020-169140.0Unknown
CVE-2020-169160.0Unknown
CVE-2020-169110.0Unknown
CVE-2020-169100.0Unknown
CVE-2020-169130.0Unknown
CVE-2020-169380.0Unknown
CVE-2020-169150.0Unknown
CVE-2020-169210.0Unknown
CVE-2020-168950.0Unknown
KB list

4577041
4577049
4580328
4580330
4580327
4580346
4579311
4580353
4580347
4580382
4580358
4577668
4577671