Kaspersky Threats

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Windows Backup Engine can be exploited remotely to gain privileges.
An information disclosure vulnerability in Windows SMB can be exploited remotely to obtain sensitive information.
An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges.
An elevation of privilege vulnerability in Windows Network Connections Service can be exploited remotely to gain privileges.
A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
A security feature bypass vulnerability in Kerberos can be exploited remotely to bypass security restrictions.

Первичный источник обнаружения

CVE-2020-16964
CVE-2020-16960
CVE-2020-17140
CVE-2020-16962
CVE-2020-16963
CVE-2020-16961
CVE-2020-17098
CVE-2020-16959
CVE-2020-16958
CVE-2020-17097
CVE-2020-17092
CVE-2020-17096
CVE-2020-16996
ADV200013

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

CVE-2020-16964
critical
CVE-2020-16960
critical
CVE-2020-17140
critical
CVE-2020-16962
critical
CVE-2020-16963
critical
CVE-2020-16961
critical
CVE-2020-17098
high
CVE-2020-17097
critical
CVE-2020-17096
critical
CVE-2020-17092
critical
CVE-2020-16996
high
CVE-2020-16959
critical
CVE-2020-16958
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!