Multiple vulnerabilities in Microsoft Products (ESU)

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Backup Engine can be exploited remotely to gain privileges.
2. An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
3. An information disclosure vulnerability in Windows SMB can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2020-16959
  CVE-2020-16958
  CVE-2020-16961
  CVE-2020-17098
  CVE-2020-16964
  CVE-2020-16960
  CVE-2020-17140
  CVE-2020-16962
  CVE-2020-16963
  ADV200013
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2020-16964
  critical
• CVE-2020-16960
  critical
• CVE-2020-17140
  critical
• CVE-2020-16962
  critical
• CVE-2020-16963
  critical
• CVE-2020-16961
  critical
• CVE-2020-17098
  high
• CVE-2020-16959
  critical
• CVE-2020-16958
  critical

Список KB

• 4592504
• 4592471
• 4592498
• 4592503

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com