Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Microsoft Raw Image Extension can be exploited remotely to obtain sensitive information.
2. A remote code execution vulnerability in Raw Image Extension can be exploited remotely to execute arbitrary code.
3. An elevation of privilege vulnerability in Windows USO Core Worker can be exploited remotely to gain privileges.
4. A security feature bypass vulnerability in Kerberos KDC can be exploited remotely to bypass security restrictions.
5. An elevation of privilege vulnerability in Windows Kernel Local can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
7. An information disclosure vulnerability in Windows KernelStream can be exploited remotely to obtain sensitive information.
8. A denial of service vulnerability in Windows Error Reporting can be exploited remotely to cause denial of service.
9. A denial of service vulnerability in Windows Network File System can be exploited remotely to cause denial of service.
10. A security feature bypass vulnerability in Windows Hyper-V can be exploited remotely to bypass security restrictions.
11. An elevation of privilege vulnerability in Windows Print Configuration can be exploited remotely to gain privileges.
12. A remote code execution vulnerability in Windows Print Spooler can be exploited remotely to execute arbitrary code.
13. An elevation of privilege vulnerability in Windows Remote Access can be exploited remotely to gain privileges.
14. A remote code execution vulnerability in HEIF Image Extensions can be exploited remotely to execute arbitrary code.
15. An information disclosure vulnerability in WebP Image Extensions can be exploited remotely to obtain sensitive information.
16. A remote code execution vulnerability in HEVC Video Extensions can be exploited remotely to execute arbitrary code.
17. An information disclosure vulnerability in Windows Canonical Display Driver can be exploited remotely to obtain sensitive information.
18. An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely to obtain sensitive information.
19. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
20. An elevation of privilege vulnerability in Windows Client Side Rendering Print Provider can be exploited remotely to gain privileges.
21. An information disclosure vulnerability in Windows Graphics Component can be exploited remotely to obtain sensitive information.
22. A remote code execution vulnerability in Windows GDI+ can be exploited remotely to execute arbitrary code.
23. An elevation of privilege vulnerability in Windows Error Reporting can be exploited remotely to gain privileges.
24. An information disclosure vulnerability in Windows NDIS can be exploited remotely to obtain sensitive information.
25. An information disclosure vulnerability in Windows WalletService can be exploited remotely to obtain sensitive information.
26. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
27. A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
28. A security feature bypass vulnerability in Microsoft Defender for Endpoint can be exploited remotely to bypass security restrictions.
29. An information disclosure vulnerability in Windows MSCTF Server can be exploited remotely to obtain sensitive information.
30. A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
31. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
32. An information disclosure vulnerability in Windows Network File System can be exploited remotely to obtain sensitive information.
33. An elevation of privilege vulnerability in Windows Update Medic Service can be exploited remotely to gain privileges.
34. An elevation of privilege vulnerability in Windows Update Orchestrator Service can be exploited remotely to gain privileges.
35. An information disclosure vulnerability in Win32k can be exploited remotely to obtain sensitive information.
36. An elevation of privilege vulnerability in Windows Port Class Library can be exploited remotely to gain privileges.
37. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
38. An elevation of privilege vulnerability in Windows WalletService can be exploited remotely to gain privileges.
39. An information disclosure vulnerability in Windows Function Discovery SSDP Provider can be exploited remotely to obtain sensitive information.
40. An elevation of privilege vulnerability in DirectX can be exploited remotely to gain privileges.
41. An information disclosure vulnerability in Remote Desktop Protocol Server can be exploited remotely to obtain sensitive information.
42. An information disclosure vulnerability in Windows Delivery Optimization can be exploited remotely to obtain sensitive information.
43. An information disclosure vulnerability in Windows Camera Codec can be exploited remotely to obtain sensitive information.
44. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges.
45. A remote code execution vulnerability in AV1 Video Extension can be exploited remotely to execute arbitrary code.
46. An elevation of privilege vulnerability in Windows Bind Filter Driver can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2020-17081
  CVE-2020-17082
  CVE-2020-17075
  CVE-2020-17049
  CVE-2020-17086
  CVE-2020-17087
  CVE-2020-17088
  CVE-2020-17045
  CVE-2020-17046
  CVE-2020-17047
  CVE-2020-17040
  CVE-2020-17041
  CVE-2020-17042
  CVE-2020-17043
  CVE-2020-17101
  CVE-2020-17026
  CVE-2020-17102
  CVE-2020-17106
  CVE-2020-17028
  CVE-2020-17029
  CVE-2020-17000
  CVE-2020-17001
  CVE-2020-17024
  CVE-2020-17025
  CVE-2020-17004
  CVE-2020-17068
  CVE-2020-17007
  CVE-2020-17069
  CVE-2020-16999
  CVE-2020-17038
  CVE-2020-17034
  CVE-2020-1599
  CVE-2020-17044
  CVE-2020-17109
  CVE-2020-17033
  CVE-2020-17090
  CVE-2020-17027
  CVE-2020-17030
  CVE-2020-17051
  CVE-2020-17057
  CVE-2020-17056
  CVE-2020-17055
  CVE-2020-17108
  CVE-2020-17070
  CVE-2020-17073
  CVE-2020-17014
  CVE-2020-17013
  CVE-2020-17074
  CVE-2020-17011
  CVE-2020-17010
  CVE-2020-17035
  CVE-2020-17078
  CVE-2020-17037
  CVE-2020-17036
  CVE-2020-17031
  CVE-2020-16998
  CVE-2020-17076
  CVE-2020-17032
  CVE-2020-16997
  CVE-2020-17071
  CVE-2020-17113
  CVE-2020-17077
  CVE-2020-17110
  CVE-2020-17107
  CVE-2020-17105
  CVE-2020-17079
  CVE-2020-17012
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2020-17043
  high
• CVE-2020-17069
  high
• CVE-2020-17087
  high
• CVE-2020-17088
  high
• CVE-2020-17045
  high
• CVE-2020-17051
  critical
• CVE-2020-17047
  high
• CVE-2020-17042
  high
• CVE-2020-1599
  high
• CVE-2020-17044
  high
• CVE-2020-16997
  high
• CVE-2020-17014
  high
• CVE-2020-17038
  high
• CVE-2020-17011
  high
• CVE-2020-17029
  high
• CVE-2020-17000
  high
• CVE-2020-17001
  high
• CVE-2020-17068
  high
• CVE-2020-17036
  high
• CVE-2020-17004
  high
• CVE-2020-17081
  high
• CVE-2020-17082
  critical
• CVE-2020-17075
  critical
• CVE-2020-17049
  high
• CVE-2020-17086
  critical
• CVE-2020-17046
  high
• CVE-2020-17040
  high
• CVE-2020-17041
  high
• CVE-2020-17101
  critical
• CVE-2020-17026
  high
• CVE-2020-17102
  high
• CVE-2020-17106
  critical
• CVE-2020-17028
  high
• CVE-2020-17024
  high
• CVE-2020-17025
  high
• CVE-2020-17007
  high
• CVE-2020-16999
  high
• CVE-2020-17034
  high
• CVE-2020-17109
  critical
• CVE-2020-17033
  high
• CVE-2020-17090
  high
• CVE-2020-17027
  high
• CVE-2020-17030
  high
• CVE-2020-17057
  high
• CVE-2020-17056
  high
• CVE-2020-17055
  high
• CVE-2020-17108
  critical
• CVE-2020-17070
  critical
• CVE-2020-17073
  critical
• CVE-2020-17013
  high
• CVE-2020-17074
  critical
• CVE-2020-17010
  critical
• CVE-2020-17035
  critical
• CVE-2020-17078
  critical
• CVE-2020-17037
  critical
• CVE-2020-17031
  high
• CVE-2020-16998
  high
• CVE-2020-17076
  critical
• CVE-2020-17032
  high
• CVE-2020-17071
  high
• CVE-2020-17113
  high
• CVE-2020-17077
  critical
• CVE-2020-17110
  critical
• CVE-2020-17107
  critical
• CVE-2020-17105
  critical
• CVE-2020-17079
  critical
• CVE-2020-17012
  critical

Список KB

• 4586785
• 4586793
• 4586787
• 4586786
• 4586781
• 4586830
• 4586845
• 4586823
• 4592449
• 5001337
• 5004238
• 5004237
• 5004244
• 5042880
• 5042881

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com