KLA11744 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Microsoft Graphics Component can be exploited remotely via specially crafted application to obtain sensitive information.
2. A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
3. An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
4. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
5. A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted website to execute arbitrary code.
6. A remote code execution vulnerability in Microsoft Windows Codecs Library can be exploited remotely via specially crafted image to execute arbitrary code.
7. An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
8. An elevation of privilege vulnerability in Microsoft Windows Update Client can be exploited remotely via specially crafted application to gain privileges.
9. An information disclosure vulnerability in Media Foundation can be exploited remotely via specially crafted file to obtain sensitive information.
10. A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
11. An elevation of privilege vulnerability in Windows Work Folder Service can be exploited remotely via specially crafted application to gain privileges.
12. A remote code execution vulnerability in Microsoft Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
13. A denial of service vulnerability in Windows DNS can be exploited remotely to cause denial of service.
14. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
15. An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
16. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely via specially crafted application to gain privileges.
17. An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
18. A remote code execution vulnerability in Adobe Font Manager Library can be exploited remotely via specially crafted document to execute arbitrary code.
19. An information disclosure in CPU Memory Access can be exploited remotely via specially crafted application to obtain sensitive information.
20. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely via specially crafted application to gain privileges.
21. An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted script to gain privileges.
22. A security feature bypass vulnerability in Windows Token can be exploited remotely to bypass security restrictions.
23. An elevation of privilege vulnerability in Connected User Experiences and Telemetry Service can be exploited remotely via specially crafted application to gain privileges.
24. A memory corruption vulnerability in Media Foundation can be exploited remotely via specially crafted document to execute arbitrary code.
25. An elevation of privilege vulnerability in DirectX can be exploited remotely via specially crafted application to gain privileges.
26. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
27. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
28. An elevation of privilege vulnerability in Windows Push Notification Service can be exploited remotely via specially crafted application to gain privileges.
29. An elevation of privilege vulnerability in Windows Scheduled Task can be exploited remotely via specially crafted application to gain privileges.
30. An information disclosure vulnerability in Windows Push Notification Service can be exploited remotely via specially crafted application to obtain sensitive information.
31. A denial of service vulnerability in Windows can be exploited remotely via specially crafted application to cause denial of service.

Original advisories

CVE-2020-0987

CVE-2020-0985

CVE-2020-0982

CVE-2020-0983

CVE-2020-0981

CVE-2020-0960

CVE-2020-0962

CVE-2020-0956

CVE-2020-0964

CVE-2020-0965

CVE-2020-0988

CVE-2020-0942

CVE-2020-0959

CVE-2020-1015

CVE-2020-1014

CVE-2020-0946

CVE-2020-0947

CVE-2020-1011

CVE-2020-0958

CVE-2020-0907

CVE-2020-0948

CVE-2020-0949

CVE-2020-0889

CVE-2020-0945

CVE-2020-1007

CVE-2020-1094

CVE-2020-0784

CVE-2020-0910

CVE-2020-1003

CVE-2020-0913

CVE-2020-0687

CVE-2020-0953

CVE-2020-1029

CVE-2020-0995

CVE-2020-0994

CVE-2020-0944

CVE-2020-0996

CVE-2020-0993

CVE-2020-0992

CVE-2020-0821

CVE-2020-0999

CVE-2020-1000

CVE-2020-0950

CVE-2020-0939

CVE-2020-0952

CVE-2020-0955

CVE-2020-0918

CVE-2020-1006

CVE-2020-0888

CVE-2020-1008

CVE-2020-1009

CVE-2020-0917

CVE-2020-0937

CVE-2020-1027

CVE-2020-0936

CVE-2020-0934

CVE-2020-1020

CVE-2020-1017

CVE-2020-1016

CVE-2020-0794

CVE-2020-0940

CVE-2020-0938

CVE-2020-1001

CVE-2020-1004

CVE-2020-0699

CVE-2020-1005

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

CVE list

CVE-2020-0987 warning

CVE-2020-0982 warning

CVE-2020-0889 critical

CVE-2020-0960 critical

CVE-2020-0962 warning

CVE-2020-1007 warning

CVE-2020-0964 critical

CVE-2020-0965 warning

CVE-2020-0988 critical

CVE-2020-0959 critical

CVE-2020-1015 high

CVE-2020-1014 high

CVE-2020-0946 warning

CVE-2020-1011 high

CVE-2020-1009 high

CVE-2020-0907 critical

CVE-2020-1094 high

CVE-2020-0687 critical

CVE-2020-0995 critical

CVE-2020-0994 critical

CVE-2020-0993 high

CVE-2020-0992 critical

CVE-2020-0821 warning

CVE-2020-0999 critical

CVE-2020-1000 high

CVE-2020-0953 critical

CVE-2020-0952 warning

CVE-2020-1004 high

CVE-2020-1005 warning

CVE-2020-0956 high

CVE-2020-1008 critical

CVE-2020-0958 high

CVE-2020-1020 high

CVE-2020-1027 high

CVE-2020-0938 high

CVE-2020-0955 warning

CVE-2020-0985 high

CVE-2020-0983 high

CVE-2020-0981 warning

CVE-2020-0942 warning

CVE-2020-0947 warning

CVE-2020-0948 critical

CVE-2020-0949 critical

CVE-2020-0945 warning

CVE-2020-0784 high

CVE-2020-0910 critical

CVE-2020-1003 high

CVE-2020-0913 high

CVE-2020-1029 high

CVE-2020-0944 warning

CVE-2020-0996 high

CVE-2020-0950 critical

CVE-2020-0939 warning

CVE-2020-0918 high

CVE-2020-1006 high

CVE-2020-0888 high

CVE-2020-0917 high

CVE-2020-0937 warning

CVE-2020-0936 warning

CVE-2020-0934 warning

CVE-2020-1017 high

CVE-2020-1016 warning

CVE-2020-0794 warning

CVE-2020-0940 high

CVE-2020-1001 high

CVE-2020-0699 warning

KB list

4549949

4550927

4550929

4550917

4549951

4550971

4550961

4550922

4550930

4550970

4571692

4571694

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Windows 10 Version 1903 for 32-bit SystemsWindows Server 2008 for x64-based Systems Service Pack 2Windows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows 10 for 32-bit SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 10 Version 1607 for x64-based SystemsWindows Server 2019Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2016Windows 10 Version 1909 for x64-based SystemsWindows Server 2008 for 32-bit Systems Service Pack 2Windows 10 Version 1709 for x64-based SystemsWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows 10 Version 1909 for ARM64-based SystemsWindows Server 2016 (Server Core installation)Windows 10 Version 1607 for 32-bit SystemsWindows Server 2012 R2Windows 10 Version 1909 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1709 for 32-bit SystemsWindows Server, version 1803 (Server Core Installation)Windows RT 8.1Windows 10 Version 1803 for ARM64-based SystemsWindows 7 for x64-based Systems Service Pack 1Windows Server 2019 (Server Core installation)Windows 8.1 for x64-based systemsWindows Server 2012 (Server Core installation)Windows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows 10 Version 1709 for ARM64-based Systems