Symantec product detections for Microsoft monthly Security Bulletins - March 2020

book

Article ID: 186071

calendar_today

Updated On:

Products

Endpoint Security

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017 

Resolution

 

ID and Rating

CAN/CVE ID: CVE-2020-0684

BID: 112074

Microsoft Rating: Critical

Vulnerability Type

LNK Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909

 

Details

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a LNK file is processed.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0768

BID: 112176

Microsoft Rating: Critical

Vulnerability Type

Microsoft Browser Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0796

BID: 112121

Microsoft Rating: Critical

Vulnerability Type

Windows SMBv3 Client/Server Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3. 0 (SMBv3) protocol handles certain requests.

 

Intrusion Protection System (IPS) Response

Sig ID:

  • 32098 (OS Attack: Microsoft Server Message Block RCE CVE-2020-0796)
  • 32099 (Audit: Microsoft Compressed SMB Packet)

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0801

BID: 112126

Microsoft Rating: Critical

Vulnerability Type

Media Foundation Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0807

BID: 112130

Microsoft Rating: Critical

Vulnerability Type

Media Foundation Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0809

BID: 112133

Microsoft Rating: Critical

Vulnerability Type

Media Foundation Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0811

BID: 112165

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0812

BID: 112166

Microsoft Rating: Critical

Vulnerability Type

Chakra Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0816

BID: 112172

Microsoft Rating: Critical

Vulnerability Type

Microsoft Edge Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge

 

Details

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that enables an attacker to execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0823

BID: 112167

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0824

BID: 112179

Microsoft Rating: Critical

Vulnerability Type

VBScript Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11

 

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Yes

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0825

BID: 112094

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0826

BID: 112096

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0827

BID: 112159

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0828

BID: 112161

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0829

BID: 112162

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0830

BID: 112178

Microsoft Rating: Critical

Vulnerability Type

Microsoft Browser Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Edge

 

Details

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0831

BID: 112163

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0832

BID: 112169

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0833

BID: 112170

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11

 

Details

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0847

BID: 112180

Microsoft Rating: Critical

Vulnerability Type

VBScript Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9

 

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0848

BID: 112164

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0869

BID: 112182

Microsoft Rating: Critical

Vulnerability Type

Media Foundation Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0881

BID: 112206

Microsoft Rating: Critical

Vulnerability Type

GDI+ Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0883

BID: 112208

Microsoft Rating: Critical

Vulnerability Type

GDI+ Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0905

BID: TBD

Microsoft Rating: Critical

Vulnerability Type

Dynamics Business Central Remote Code Execution Vulnerability

 

Vulnerability Affects

Dynamics 365 Business Central 2019 Release Wave 2 (On-Premise) Dynamics 365 Business Central 2019 Spring Update Microsoft Dynamics 365 BC On Premise Microsoft Dynamics NAV 2013 Microsoft Dynamics NAV 2015 Microsoft Dynamics NAV 2016 Microsoft Dynamics NAV 2017 Microsoft Dynamics NAV 2018

 

Details

A remote code execution vulnerability exists in Microsoft Dynamics Business Central. An attacker who succesfully exploited this vulnerability could execute arbitrary shell commands on victim's server.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

 

 

 

ID and Rating

CAN/CVE ID: CVE-2020-0645

BID: 112073

Microsoft Rating: Important

Vulnerability Type

Microsoft IIS Server Tampering Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers. An attacker who successfully exploited the vulnerability could cause a vulnerable server to improperly process HTTP headers and tamper with the responses returned to clients.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0690

BID: 112095

Microsoft Rating: Important

Vulnerability Type

DirectX Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2016 Microsoft Windows Server 2019

 

Details

A privilege escalation vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0700

BID: 112097

Microsoft Rating: Important

Vulnerability Type

Azure DevOps Server Cross-site Scripting Vulnerability

Vulnerability Affects

Microsoft Azure DevOps Server 2019 Update 1 Microsoft Azure DevOps Server 2019.0.1 Microsoft Team Foundation Server 2017 Update 3.1 Microsoft Team Foundation Server 2018 Update 1.2 Microsoft Team Foundation Server 2018 Update 3.2 Microsoft Azure DevOps Server 2019 Update 1.1

 

Details

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the user every time a user visits the compromised pa

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0758

BID: 112099

Microsoft Rating: Important

Vulnerability Type

Azure DevOps Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Azure DevOps Server 2019 Update 1 Microsoft Azure DevOps Server 2019.0.1 Microsoft Team Foundation Server 2017 Update 3.1 Microsoft Team Foundation Server 2018 Update 1.2 Microsoft Team Foundation Server 2018 Update 3.2 Microsoft Azure DevOps Server 2019 Update 1.1

 

Details

A privilege escalation vulnerability exists when Visual Studio improperly handles pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0762

BID: 112104

Microsoft Rating: Important

Vulnerability Type

Microsoft Defender Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Forefront Endpoint Protection 2010 Microsoft Security Essentials Microsoft System Center 2012 Endpoint Protection Microsoft System Center 2012 R2 Endpoint Protection Microsoft System Center Endpoint Protection Microsoft Windows Defender

 

Details

A privilege escalation vulnerability exists when Defender handles certain objects in memory. To exploit the vulnerability, an attacker would first have to log on to the system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0763

BID: 112107

Microsoft Rating: Important

Vulnerability Type

Microsoft Defender Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Forefront Endpoint Protection 2010 Microsoft Security Essentials Microsoft System Center 2012 Endpoint Protection Microsoft System Center 2012 R2 Endpoint Protection Microsoft System Center Endpoint Protection Microsoft Windows Defender

 

Details

A privilege escalation vulnerability exists when Defender handles certain objects in memory. To exploit the vulnerability, an attacker would first have to log on to the system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0769

BID: 112111

Microsoft Rating: Important

Vulnerability Type

Windows CSC Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0770

BID: 112117

Microsoft Rating: Important

Vulnerability Type

Windows ActiveX Installer Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists when the Windows ActiveX Installer Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0771

BID: 112119

Microsoft Rating: Important

Vulnerability Type

Windows CSC Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0772

BID: 112120

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists when Windows Error Reporting improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0773

BID: 112123

Microsoft Rating: Important

Vulnerability Type

Windows ActiveX Installer Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists when the Windows ActiveX Installer Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0774

BID: 112127

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2019 Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows Server 2016 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2

 

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0775

BID: 112129

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 1903 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems

 

Details

A privilege escalation vulnerability exists when Windows Error Reporting improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0776

BID: 112132

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 1909 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows Server 2019 Microsoft Windows Server 1903 Microsoft Windows Server 1803 Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems

 

Details

A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0777

BID: 112075

Microsoft Rating: Important

Vulnerability Type

Windows Work Folder Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0778

BID: 112086

Microsoft Rating: Important

Vulnerability Type

Windows Network Connections Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

A privilege escalation vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0779

BID: 112098

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems

 

Details

A privilege escalation vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0780

BID: 112134

Microsoft Rating: Important

Vulnerability Type

Windows Network List Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Network List Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0781

BID: 112102

Microsoft Rating: Important

Vulnerability Type

Windows UPnP Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0783

BID: 112103

Microsoft Rating: Important

Vulnerability Type

Windows UPnP Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0785

BID: 112106

Microsoft Rating: Important

Vulnerability Type

Windows User Profile Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0786

BID: 112112

Microsoft Rating: Important

Vulnerability Type

Windows Tile Object Service Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Server 2016

 

Details

A denial of service vulnerability exists when the Windows Tile Object Service improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0787

BID: 112113

Microsoft Rating: Important

Vulnerability Type

Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems

 

Details

A privilege escalation vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0788

BID: 112114

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0789

BID: 112136

Microsoft Rating: Important

Vulnerability Type

Visual Studio Extension Installer Service Denial of Service Vulnerability

Vulnerability Affects

Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.1 Microsoft Visual Studio 2019 16.2 Microsoft Visual Studio 2019 16.3 Microsoft Visual Studio 2019 16.4

 

Details

A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0791

BID: 112115

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Component Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0793

BID: 112116

Microsoft Rating: Important

Vulnerability Type

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Visual Studio 2015 Update 3 Microsoft Visual Studio 2017 15.1 Microsoft Visual Studio 2017 15.6.6 Microsoft Visual Studio 2017 15.7.5 Microsoft Visual Studio 2017 15.8 Microsoft Visual Studio 2017 15.9 Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.1 Microsoft Visual Studio 2019 16.2 Microsoft Visual Studio 2019 16.3 Microsoft Visual Studio 2019 16.4 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Diagnostics Hub Standard Collector improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0795

BID: 112118

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Reflective XSS Vulnerability

Vulnerability Affects

Microsoft Business Productivity Servers 2010 SP2 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 SP1

 

Details

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0797

BID: 112077

Microsoft Rating: Important

Vulnerability Type

Windows Work Folder Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0798

BID: 112122

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0799

BID: 112124

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0800

BID: 112078

Microsoft Rating: Important

Vulnerability Type

Windows Work Folder Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0802

BID: 112089

Microsoft Rating: Important

Vulnerability Type

Windows Network Connections Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0803

BID: 112090

Microsoft Rating: Important

Vulnerability Type

Windows Network Connections Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0804

BID: 112091

Microsoft Rating: Important

Vulnerability Type

Windows Network Connections Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0806

BID: 112128

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files. The vulnerability could allow Privilege Escalation if an attacker can successfully exploit it.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0808

BID: 112131

Microsoft Rating: Important

Vulnerability Type

Provisioning Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way the Provisioning Runtime validates certain file operations. An attacker who successfully exploited the vulnerability could gain elevated privileges on a victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0810

BID: 112135

Microsoft Rating: Important

Vulnerability Type

Windows Diagnostics Hub Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Visual Studio 2015 Update 3 Microsoft Visual Studio 2017 15.1 Microsoft Visual Studio 2017 15.6.6 Microsoft Visual Studio 2017 15.7.5 Microsoft Visual Studio 2017 15.8 Microsoft Visual Studio 2017 15.9 Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.1 Microsoft Visual Studio 2019 16.2 Microsoft Visual Studio 2019 16.3 Microsoft Visual Studio 2019 16.4 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input, leading to an unsecure library-loading behavior. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0813

BID: 112173

Microsoft Rating: Important

Vulnerability Type

Scripting Engine Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Edge Microsoft ChakraCore

 

Details

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data. To exploit the vulnerability, an attacker must know the memory address of where the object was created.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0814

BID: 112147

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists in Windows Installer because of the way Windows Installer handles certain file system operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0815

BID: 112190

Microsoft Rating: Important

Vulnerability Type

Azure DevOps Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Azure DevOps Server 2019 Update 1.1

 

Details

A privilege escalation vulnerability exists when Visual Studio improperly handles pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0819

BID: 112193

Microsoft Rating: Important

Vulnerability Type

Windows Device Setup Manager Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists when the Windows Device Setup Manager improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0820

BID: 112194

Microsoft Rating: Important

Vulnerability Type

Media Foundation Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 1903 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows Server 2016 Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems

 

Details

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0822

BID: 112196

Microsoft Rating: Important

Vulnerability Type

Windows Language Pack Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0834

BID: 112197

Microsoft Rating: Important

Vulnerability Type

Windows ALPC Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1

 

Details

A privilege escalation vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0840

BID: 112138

Microsoft Rating: Important

Vulnerability Type

Windows Hard Link Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0841

BID: 112139

Microsoft Rating: Important

Vulnerability Type

Windows Hard Link Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0842

BID: 112142

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0843

BID: 112146

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows Installer because of the way Windows Installer handles certain files system operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0844

BID: 112149

Microsoft Rating: Important

Vulnerability Type

Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0845

BID: 112092

Microsoft Rating: Important

Vulnerability Type

Windows Network Connections Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 2016 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1

 

Details

A privilege escalation vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0850

BID: 112137

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Online Server Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Server 2019 Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0851

BID: 112140

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2016 for Mac Microsoft Office 2019 for Mac Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0852

BID: 112141

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office Online Server Microsoft SharePoint Server 2019

 

Details

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0853

BID: 112154

Microsoft Rating: Important

Vulnerability Type

Windows Imaging Component Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0854

BID: 112155

Microsoft Rating: Important

Vulnerability Type

Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to delete files.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0855

BID: 112143

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2019 for Mac Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0857

BID: 112156

Microsoft Rating: Important

Vulnerability Type

Windows Search Indexer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0858

BID: 112157

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0859

BID: 112158

Microsoft Rating: Important

Vulnerability Type

Windows Modules Installer Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows Server 1909 Microsoft Windows Server 1903 Microsoft Windows Server 1803 Microsoft Windows Server 2019 Microsoft Windows Server 2016 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2

 

Details

An information vulnerability exists when Windows Modules Installer Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0860

BID: 112160

Microsoft Rating: Important

Vulnerability Type

Windows ActiveX Installer Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows ActiveX Installer Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0861

BID: 112168

Microsoft Rating: Important

Vulnerability Type

Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0863

BID: 112171

Microsoft Rating: Important

Vulnerability Type

Connected User Experiences and Telemetry Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information. Successful exploitation of the vulnerability could allow the attacker to read any file on the file system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0864

BID: 112079

Microsoft Rating: Important

Vulnerability Type

Windows Work Folder Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0865

BID: 112080

Microsoft Rating: Important

Vulnerability Type

Windows Work Folder Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0866

BID: 112081

Microsoft Rating: Important

Vulnerability Type

Windows Work Folder Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0867

BID: 112174

Microsoft Rating: Important

Vulnerability Type

Windows Update Orchestrator Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0868

BID: 112175

Microsoft Rating: Important

Vulnerability Type

Windows Update Orchestrator Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0871

BID: 112187

Microsoft Rating: Important

Vulnerability Type

Windows Network Connections Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0872

BID: 112189

Microsoft Rating: Important

Vulnerability Type

Remote Code Execution Vulnerability in Application Inspector

Vulnerability Affects

Microsoft Application Inspector 1.0.0 Microsoft Application Inspector 1.0.1 Microsoft Application Inspector 1.0.10 Microsoft Application Inspector 1.0.20 Microsoft Application Inspector 1.0.21 Microsoft Application Inspector 1.0.22 Microsoft Application Inspector 1.0.23

 

Details

A remote code execution vulnerability exists in Application Inspector version v1. 0.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0874

BID: 112191

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attack

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0876

BID: 112192

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0877

BID: 112195

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0879

BID: 112202

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attack

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0880

BID: 112205

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0882

BID: 112207

Microsoft Rating: Important

Vulnerability Type

Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0884

BID: 112199

Microsoft Rating: Important

Vulnerability Type

Microsoft Visual Studio Spoofing Vulnerability

Vulnerability Affects

Microsoft Visual Studio 2019 16.2 Microsoft Visual Studio 2019 16.0 Microsoft Visual Studio 2019 16.1 Microsoft Visual Studio 2019 16.4 Microsoft Visual Studio 2019 16.3 Microsoft Visual Studio 2017 15.1 Microsoft Visual Studio 2017 15.8 Microsoft Visual Studio 2017 15.9

 

Details

A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL. An attacker who successfully exploited this vulnerability could compromise the access tokens, exposing security and privacy risks.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0885

BID: 112200

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Component Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows Server 2019 Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Server 1903 Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows Server 1909 Microsoft Windows Server 2012 Microsoft Windows RT 8.1 Microsoft Windows Server 2016 Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows Server 1803 Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows Server 2012 R2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 for 32-bit Systems SP2

 

Details

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0887

BID: 112201

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0891

BID: 112144

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Reflective XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Foundation 2010 SP2 Microsoft SharePoint Server 2019

 

Details

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0892

BID: 112145

Microsoft Rating: Important

Vulnerability Type

Microsoft Word Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Office Online Server Microsoft Office Web Apps 2010 SP2 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Server 2010 SP2 Microsoft SharePoint Server 2019 Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition) Microsoft Office 365 ProPlus for 32-bit Systems Microsoft Office 365 ProPlus for 64-bit Systems

 

Details

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0893

BID: 112148

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2013 Service Pack 1

 

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0894

BID: 112150

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft SharePoint Foundation 2010 SP2 Microsoft SharePoint Foundation 2013 SP1

 

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0896

BID: 112209

Microsoft Rating: Important

Vulnerability Type

Windows Hard Link Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0897

BID: 112082

Microsoft Rating: Important

Vulnerability Type

Windows Work Folder Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1703 for 32-bit Systems Microsoft Windows 10 version 1703 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for 64-bit Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0898

BID: 112210

Microsoft Rating: Important

Vulnerability Type

Windows Graphics Component Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Server 2016

 

Details

A privilege escalation vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: Under Review

 

ID and Rating

CAN/CVE ID: CVE-2020-0903

BID: 112151

Microsoft Rating: Important

Vulnerability Type

Microsoft Exchange Server Spoofing Vulnerability

Vulnerability Affects

Microsoft Exchange Server 2016 Cumulative Update 14 Microsoft Exchange Server 2016 Cumulative Update 15 Microsoft Exchange Server 2019 Cumulative Update 3 Microsoft Exchange Server 2019 Cumulative Update 4

 

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected server.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0765

BID: 112109

Microsoft Rating: Moderate

Vulnerability Type

Remote Desktop Connection Manager Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Remote Desktop Connection Manager 2.7

 

Details

An information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic:

 

ID and Rating

CAN/CVE ID: CVE-2020-0849

BID: 112153

Microsoft Rating: None

Vulnerability Type

Windows Hard Link Elevation of Privilege Vulnerability

Vulnerability Affects

 

 

 

                                                                  

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 7 for 32-bit Systems SP1 Microsoft Windows 7 for x64-based Systems SP1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems SP2 Microsoft Windows Server 2008 for Itanium-based Systems SP2 Microsoft Windows Server 2008 for x64-based Systems SP2 Microsoft Windows Server 2008 R2 for Itanium-based Systems SP1 Microsoft Windows Server 2008 R2 for x64-based Systems SP1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server 1803 Microsoft Windows Server 1903 Microsoft Windows Server 1909

 

Details

A privilege escalation vulnerability exists when Windows improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

 

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A