Описание
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows Remote Access can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows NDIS can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Kernel Local can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows KernelStream can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Network File System can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Print Spooler can be exploited remotely to execute arbitrary code.
- A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Remote Desktop Protocol Server can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Port Class Library can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Canonical Display Driver can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows GDI+ can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Function Discovery SSDP Provider can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Graphics Component can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Kerberos KDC can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Client Side Rendering Print Provider can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Network File System can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows Hyper-V can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Print Configuration can be exploited remotely to gain privileges.
Первичный источник обнаружения
- CVE-2020-17043
CVE-2020-17069
CVE-2020-17087
CVE-2020-17088
CVE-2020-17045
CVE-2020-17051
CVE-2020-17047
CVE-2020-17042
CVE-2020-1599
CVE-2020-17044
CVE-2020-16997
CVE-2020-17014
CVE-2020-17038
CVE-2020-17011
CVE-2020-17029
CVE-2020-17000
CVE-2020-17001
CVE-2020-17068
CVE-2020-17036
CVE-2020-17004
CVE-2020-17049
CVE-2020-17034
CVE-2020-17026
CVE-2020-17027
CVE-2020-17055
CVE-2020-17024
CVE-2020-17032
CVE-2020-17056
CVE-2020-17025
CVE-2020-17033
CVE-2020-17040
CVE-2020-17028
CVE-2020-17041
CVE-2020-17031
Эксплуатация
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
Список CVE
- CVE-2020-17043 critical
- CVE-2020-17069 high
- CVE-2020-17087 critical
- CVE-2020-17088 critical
- CVE-2020-17045 high
- CVE-2020-17051 critical
- CVE-2020-17047 critical
- CVE-2020-17042 critical
- CVE-2020-1599 high
- CVE-2020-17044 critical
- CVE-2020-16997 critical
- CVE-2020-17014 critical
- CVE-2020-17038 critical
- CVE-2020-17011 critical
- CVE-2020-17029 high
- CVE-2020-17000 high
- CVE-2020-17001 critical
- CVE-2020-17068 critical
- CVE-2020-17036 high
- CVE-2020-17004 high
- CVE-2020-17049 high
- CVE-2020-17040 critical
- CVE-2020-17041 critical
- CVE-2020-17026 critical
- CVE-2020-17028 critical
- CVE-2020-17024 critical
- CVE-2020-17025 critical
- CVE-2020-17034 critical
- CVE-2020-17033 critical
- CVE-2020-17027 critical
- CVE-2020-17056 high
- CVE-2020-17055 critical
- CVE-2020-17031 critical
- CVE-2020-17032 critical
Список KB
- 4586827
- 4586834
- 4586845
- 4586817
- 4586805
- 4586807
- 4586808
- 4586823
- 4598278
- 4598297
- 5004302
- 5004294
- 5004298
- 5004285
- 5004289
- 5004307
- 5004299
- 5004305
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!