Symantec product detections for Microsoft monthly Security Bulletins - February 2020

book

Article ID: 185124

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017 

Resolution

 

ID and Rating

CAN/CVE ID: CVE-2020-0662

BID: 111826

Microsoft Rating: Critical

Vulnerability Type

Windows Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A remote code execution vulnerability exists in the way that Windows handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0673

BID: 111720

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0674

BID: 111591

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Internet Explorer 9 Internet Explorer 10 Internet Explorer 11

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Exp.CVE-2020-0674

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0681

BID: 111733

Microsoft Rating: Critical

Vulnerability Type

Remote Desktop Client Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909

 

Details

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0710

BID: 111721

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0711

BID: 111722

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0712

BID: 111723

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0713

BID: 111724

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0729

BID: 111817

Microsoft Rating: Critical

Vulnerability Type

LNK Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a . LNK file is processed.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0734

BID: 111729

Microsoft Rating: Critical

Vulnerability Type

Remote Desktop Client Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909

 

Details

A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0738

BID: 111788

Microsoft Rating: Critical

Vulnerability Type

Media Foundation Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0767

BID: 111856

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft ChakraCore Microsoft Edge
 
 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
 
 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0817

BID: None 

Microsoft Rating: Critical

Vulnerability Type

RDP Server RCE Vulnerability

Vulnerability Affects

Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation)

Details

A buffer overrun vulnerability has been identified in RDP client, which can be exploited to achieve RCE from an RDP Server.
 
 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

 

ID and Rating

CAN/CVE ID: ADV200003

BID: N/A

Microsoft Rating: Important

Vulnerability Type

February 2020 Adobe Flash Security Update

Vulnerability Affects

See Adobe.com

Details

See Adobe.com

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0618

BID: 111726

Microsoft Rating: Important

Vulnerability Type

Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft SQL Server 2008 R2 for 32-bit Systems Service Pack 3 Microsoft SQL Server 2008 R2 for x64-based Systems Service Pack 3 Microsoft SQL Server 2012 for 32-bit Systems Service Pack 4 Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 Microsoft SQL Server 2014 for 32-bit Systems Service Pack 3 Microsoft SQL Server 2014 for x64-based Systems Service Pack 3 Microsoft SQL Server 2016 for x64-based Systems Service Pack 2

 

Details

A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests. An attacker who successfully exploited this vulnerability could execute code in the context of the Report Server service account.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0655

BID: 111832

Microsoft Rating: Important

Vulnerability Type

Remote Desktop Services Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909

 

Details

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection. An attacker who successfully exploited this vulnerability could execute arbitrary code on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0657

BID: 111840

Microsoft Rating: Important

Vulnerability Type

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A privilege escalation vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0658

BID: 111761

Microsoft Rating: Important

Vulnerability Type

Windows Common Log File System Driver Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0659

BID: 111845

Microsoft Rating: Important

Vulnerability Type

Windows Data Sharing Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A privilege escalation vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0660

BID: 111737

Microsoft Rating: Important

Vulnerability Type

Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows Server 2019 Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1909

 

Details

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests. An attacker who successfully exploited this vulnerability could cause the RDP service on the target system to stop responding.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0661

BID: 111738

Microsoft Rating: Important

Vulnerability Type

Windows Hyper-V Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Hyper-V

 

Details

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application that causes a host machine to crash.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0663

BID: 111715

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Edge

 

Details

A privilege escalation vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0665

BID: 111744

Microsoft Rating: Important

Vulnerability Type

Active Directory Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest. To exploit this vulnerability, an attacker would first need to compromise an Active Directory forest.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0666

BID: 111716

Microsoft Rating: Important

Vulnerability Type

Windows Search Indexer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0667

BID: 111717

Microsoft Rating: Important

Vulnerability Type

Windows Search Indexer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0668

BID: 111728

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0669

BID: 111730

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0670

BID: 111732

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0671

BID: 111734

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0672

BID: 111736

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0675

BID: 111799

Microsoft Rating: Important

Vulnerability Type

Windows Key Isolation Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0676

BID: 111800

Microsoft Rating: Important

Vulnerability Type

Windows Key Isolation Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0677

BID: 111801

Microsoft Rating: Important

Vulnerability Type

Windows Key Isolation Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0678

BID: 111827

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Manager Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows RT 8.1 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0679

BID: 111830

Microsoft Rating: Important

Vulnerability Type

Windows Function Discovery Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

A privilege escalation vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0680

BID: 111833

Microsoft Rating: Important

Vulnerability Type

Windows Function Discovery Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

A privilege escalation vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0682

BID: 111844

Microsoft Rating: Important

Vulnerability Type

Windows Function Discovery Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A privilege escalation vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0683

BID: 111745

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems

 

Details

A privilege escalation vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0685

BID: 111747

Microsoft Rating: Important

Vulnerability Type

Windows COM Server Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when Windows improperly handles COM object creation. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0686

BID: 111749

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems

 

Details

A privilege escalation vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0688

BID: 111753

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Exchange Server 2010 SP3 Update Rollup 30 Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2016 Cumulative Update 14 Microsoft Exchange Server 2016 Cumulative Update 15 Microsoft Exchange Server 2019 Cumulative Update 3 Microsoft Exchange Server 2019 Cumulative Update 4

 

Details

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user.

 

Intrusion Protection System (IPS) Response

Sig ID: 32071 Web Attack: Microsoft Exchange Remote Code Execution CVE-2020-0688 

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0689

BID: 111761

Microsoft Rating: Important

Vulnerability Type

Microsoft Secure Boot Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A security bypass vulnerability exists in secure boot. An attacker who successfully exploited the vulnerability can bypass secure boot and load untrusted software.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0691

BID: 111748

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0692

BID: 111755

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Server Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Exchange Server 2010 SP3 Update Rollup 30 Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2016 Cumulative Update 14 Microsoft Exchange Server 2016 Cumulative Update 15 Microsoft Exchange Server 2019 Cumulative Update 3 Microsoft Exchange Server 2019 Cumulative Update 4

 

Details

A privilege escalation vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could gain the same rights as any other user of the Exchange server.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0694

BID: 111759

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2013 SP1 Microsoft SharePoint Server 2019

 

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0695

BID: 111760

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Online Server Spoofing Vulnerability

Vulnerability Affects

Microsoft Office Online Server

 

Details

A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly. An attacker could exploit the vulnerability by sending a specially crafted request to an affected site.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0696

BID: 111763

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Outlook 2010 (32-bit editions) Service Pack 2 Microsoft Outlook 2010 (64-bit editions) Service Pack 2 Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 Service Pack 1 (32-bit editions) Microsoft Outlook 2013 Service Pack 1 (64-bit editions) Microsoft Outlook 2016 (32-bit editions) Microsoft Outlook 2016 (64-bit editions) Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A security bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats. The security bypass by itself does not allow arbitrary code execution.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0697

BID: 111767

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Tampering Vulnerability

Vulnerability Affects

Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A privilege escalation vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM. To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0698

BID: 111809

Microsoft Rating: Important

Vulnerability Type

Windows Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012

 

Details

An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0701

BID: 111841

Microsoft Rating: Important

Vulnerability Type

Windows Client License Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A privilege escalation vulnerability exists in the way that the Windows Client License Service (ClipSVC) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0703

BID: 111842

Microsoft Rating: Important

Vulnerability Type

Windows Backup Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A privilege escalation vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0704

BID: 111843

Microsoft Rating: Important

Vulnerability Type

Windows Wireless Network Manager Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A privilege escalation vulnerability exists when the Windows Wireless Network Manager improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0705

BID: 111764

Microsoft Rating: Important

Vulnerability Type

Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0706

BID: 111752

Microsoft Rating: Important

Vulnerability Type

Microsoft Browser Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft Internet Explorer 9 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11

 

Details

An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all of the web pages in the affected browser.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0707

BID: 111837

Microsoft Rating: Important

Vulnerability Type

Windows IME Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A privilege escalation vulnerability exists when the Windows IME improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0708

BID: 111823

Microsoft Rating: Important

Vulnerability Type

Windows Imaging Library Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A remote code execution vulnerability exists when the Windows Imaging Library improperly handles memory. To exploit this vulnerability, an attacker would first have to coerce a victim to open a specially crafted file.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0709

BID: 111780

Microsoft Rating: Important

Vulnerability Type

DirectX Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016

 

Details

A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0714

BID: 111783

Microsoft Rating: Important

Vulnerability Type

DirectX Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0715

BID: 111751

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Component Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0716

BID: 111762

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016

 

Details

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0717

BID: 111765

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0719

BID: 111766

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0720

BID: 111768

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0721

BID: 111769

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0722

BID: 111772

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0723

BID: 111789

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0724

BID: 111790

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0725

BID: 111791

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0726

BID: 111792

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0727

BID: 111805

Microsoft Rating: Important

Vulnerability Type

Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0728

BID: 111808

Microsoft Rating: Important

Vulnerability Type

Windows Modules Installer Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0730

BID: 111835

Microsoft Rating: Important

Vulnerability Type

Windows User Profile Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903

 

Details

A privilege escalation vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context. 111835

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0731

BID: 111806

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0732

BID: 111784

Microsoft Rating: Important

Vulnerability Type

DirectX Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016

 

Details

A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0733

BID: 111836

Microsoft Rating: Important

Vulnerability Type

Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability

Vulnerability Affects

Windows Malicious Software Removal Tool 32-bit Windows Malicious Software Removal Tool 64-bit
 
 

Details

A privilege escalation vulnerability exists when the Windows Malicious Software Removal Tool (MSRT) improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0735

BID: 111718

Microsoft Rating: Important

Vulnerability Type

Windows Search Indexer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0736

BID: 111807

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0737

BID: 111810

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the tapisrv. dll handles objects in memory.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0739

BID: 111811

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the dssvc. dll handles file creation allowing for a file overwrite or creation in a secured location.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0740

BID: 111814

Microsoft Rating: Important

Vulnerability Type

Connected Devices Platform Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0741

BID: 111815

Microsoft Rating: Important

Vulnerability Type

Connected Devices Platform Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0742

BID: 111816

Microsoft Rating: Important

Vulnerability Type

Connected Devices Platform Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0743

BID: 111818

Microsoft Rating: Important

Vulnerability Type

Connected Devices Platform Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0744

BID: 111820

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combination with another vulnerability.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0745

BID: 111821

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Component Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0746

BID: 111824

Microsoft Rating: Important

Vulnerability Type

Microsoft Graphics Components Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information that could be useful for further exploitation.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0747

BID: 111834

Microsoft Rating: Important

Vulnerability Type

Windows Data Sharing Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

A privilege escalation vulnerability exists when the Windows Data Sharing Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0748

BID: 111802

Microsoft Rating: Important

Vulnerability Type

Windows Key Isolation Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0749

BID: 111794

Microsoft Rating: Important

Vulnerability Type

Connected Devices Platform Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0750

BID: 111795

Microsoft Rating: Important

Vulnerability Type

Connected Devices Platform Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0751

BID: 111796

Microsoft Rating: Important

Vulnerability Type

Windows Hyper-V Denial of Service Vulnerability

Vulnerability Affects

Microsoft Hyper-V Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0752

BID: 111719

Microsoft Rating: Important

Vulnerability Type

Windows Search Indexer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0753

BID: 111828

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows RT 8.1 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow Privilege Escalation if an attacker can successfully exploit it.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0754

BID: 111829

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows RT 8.1 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow Privilege Escalation if an attacker can successfully exploit it.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0755

BID: 111803

Microsoft Rating: Important

Vulnerability Type

Windows Key Isolation Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0756

BID: 111804

Microsoft Rating: Important

Vulnerability Type

Windows Key Isolation Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0759

BID: 111797

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit editions) Microsoft Excel 2016 (64-bit editions) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems
 
 

Details

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2020-0693

BID: 111758

Microsoft Rating: None

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2013 SP1 Microsoft SharePoint Server 2019

 

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0702

BID: 111770

Microsoft Rating: None

Vulnerability Type

Surface Hub Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Surface Hub
 
 

Details

A security bypass vulnerability exists in Surface Hub when prompting for credentials. Successful exploitation of the vulnerability could allow an attacker to access settings which are restricted to Administrators.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0818

BID: 111935

Microsoft Rating: None

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation)
 
 

Details

An elevation of privilege vulnerability exists in the way that the sysmain.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
 
 

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Skeptic: N/A