Symantec product detections for Microsoft monthly Security Bulletins - June 2020

book

Article ID: 192559

calendar_today

Updated On:

Products

Endpoint Security

Issue/Introduction

This document describes Symantec product detections for the Microsoft vulnerabilities for which Microsoft releases patches in their monthly Security Bulletins.

Note: Symantec posts this information shortly after it becomes available from Microsoft. Any missing information will be added to the document as it becomes available.
Note: These have been referred to previously as Security Advisories. The language has been updated to Security Bulletins to maintain cadence with Microsoft's terminology
Note: The fields for KB and Bulletin are no longer populated or used by Microsoft, and they no longer appear here as of April 2017
Note: The field for BID is no longer populated or used by Microsoft, and no longer appears here as of May 2020

Resolution

 

ID and Rating

CAN/CVE ID: ADV200010

Microsoft Rating: Critical

Vulnerability Type

June 2020 Adobe Flash Security Update

Vulnerability Affects

Adobe Flash Player on Windows 10 Adobe Flash Player on Windows 8.1 Adobe Flash Player on Windows RT 8.1 Adobe Flash Player on Windows Server 2012 Adobe Flash Player on Windows Server 2012 R2 Adobe Flash Player on Windows Server 2016 Adobe Flash Player on Windows Server 2019

Details

This security update addresses the following vulnerability, which is described in Adobe Security Bulletin APSB20-30: CVE-2020-9633.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Skeptic: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2020-1073

‏‏

Microsoft Rating: Critical

Vulnerability Type

Scripting Engine Memory Corruption Vulnerability

Vulnerability Affects

ChakraCore Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2016 Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2019

Details

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1181

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

Microsoft SharePoint Server Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019

Details

A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context of the SharePoint application pool process.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1213

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

VBScript Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: Microsoft Internet Explorer CVE-2020-1062

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1219

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

Microsoft Browser Memory Corruption Vulnerability

Vulnerability Affects

ChakraCore Microsoft Internet Explorer 11 Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2016 Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2019

Details

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: CVE-2020-1219 Remote Memory Corruption Vulnerability

Other Detections

AV: N/A

Skeptic: N/A

ID and Rating

CAN/CVE ID: CVE-2020-1248

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

GDI+ Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1260

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

VBScript Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: Microsoft Internet Explorer VBScript CVE-2020-1260 

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1281

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

Windows OLE Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A remote code execution vulnerability exists when Microsoft Windows OLE fails to properly validate user input. An attacker could exploit the vulnerability to execute malicious code.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1286

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

Windows Shell Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1299

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

LNK Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1300

‏‏‏

Microsoft Rating: Critical

Vulnerability Type

Windows Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A remote code execution vulnerability exists when Microsoft Windows fails to properly handle cabinet files.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1214

‏‏‏

Microsoft Rating: Important

Vulnerability Type

VBScript Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: Microsoft Internet Explorer VBScript CVE-2020-1214

Other Detections

AV: N/A

Skeptic: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2020-1183

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0915

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows GDI Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

 

Details

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/AN/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0916

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows GDI Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation

Details

An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-0986

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

 

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2020-1120

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Connected User Experiences and Telemetry Service Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 2004 (Server Core installation)

Details

A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could cause a system to stop responding.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1148

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Spoofing Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft SharePoint Server 2019

Details

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1160

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Graphics Component Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

 

Details

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1162

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists Windows Security Health Service when handles certain objects in memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1163

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Windows Defender Elevation of Privilege Vulnerability

Vulnerability Affects

 

Details

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1170

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Windows Defender Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Forefront Endpoint Protection 2010 Microsoft Security Essentials Microsoft System Center 2012 Endpoint Protection Microsoft System Center 2012 R2 Endpoint Protection Microsoft System Center Endpoint Protection Microsoft Windows Defender on Microsoft Windows 10 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows Defender on Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Defender on Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows Defender on Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows Defender on Microsoft Windows 8.1 for 32-bit systems Microsoft Windows Defender on Microsoft Windows 8.1 for x64-based systems Microsoft Windows Defender on Microsoft Windows RT 8.1 Microsoft Windows Defender on Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Defender on Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Defender on Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Defender on Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Defender on Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2012 Microsoft Windows Defender on Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2012 R2 Microsoft Windows Defender on Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2016 Microsoft Windows Defender on Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server 2019 Microsoft Windows Defender on Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Defender on Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Defender on Microsoft Windows Server, version 1909 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.

 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1177

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1178

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Server Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft SharePoint Server 2019

 

Details

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the context of the SharePoint application pool account.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2020-1194

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Registry Denial of Service Vulnerability

Vulnerability Affects

N/A

Details

A denial of service vulnerability exists when Windows Registry improperly handles filesystem operations. An attacker who successfully exploited the vulnerability could cause a denial of service against a system. To exploit the vulnerability, an attacker who has access to the system could run a specially crafted application. The security update addresses the vulnerability by correcting how Windows Registry handles filesystem operations.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1196

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Print Configuration Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way that the printconfig.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1197

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Manager Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1199

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Feedback Hub Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for HoloLens Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems

Details

An elevation of privilege vulnerability exists when the Windows Feedback Hub improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1201

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Now Playing Session Manager Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way the Windows Now Playing Session Manager handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete data.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1202

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1203

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1204

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. An attacker who successfully exploited this vulnerability could bypass access restrictions to delete files.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1206

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows SMBv3 Client/Server Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

Intrusion Protection System (IPS) Response

Sig ID: OS Attack: Windows SMBv3 CVE-2020-1206 

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1207

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1208

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Jet Database Engine Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1209

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Network List Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1211

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Connected Devices Platform Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1212

‏‏‏

Microsoft Rating: Important

Vulnerability Type

OLE Automation Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when an OLE Automation component improperly handles memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1215

‏‏‏

Microsoft Rating: Important

Vulnerability Type

VBScript Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: Microsoft Internet Explorer VBScript CVE-2020-1215

Other Detections

AV: N/A

Skeptic: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2020-1217

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation

Details

An Information Disclosure vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could read memory that was freed and might run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1220

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge (Chromium-based) in IE Mode Spoofing Vulnerability

Vulnerability Affects

N/A

Details

N/A

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1222

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Store Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1223

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Word for Android Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Word for Android

Details

A remote code execution vulnerability exists when Microsoft Word for Android fails to properly handle certain files.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1225

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac

Details

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1226

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Excel Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Excel 2010 Service Pack 2 (32-bit editions) Microsoft Excel 2010 Service Pack 2 (64-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac

Details

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1229

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Outlook Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office 2010 Service Pack 2 (32-bit editions) Microsoft Office 2010 Service Pack 2 (64-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2016 (32-bit edition) Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac Microsoft Word 2010 Service Pack 2 (32-bit editions) Microsoft Word 2010 Service Pack 2 (64-bit editions) Microsoft Word 2013 RT Service Pack 1 Microsoft Word 2013 Service Pack 1 (32-bit editions) Microsoft Word 2013 Service Pack 1 (64-bit editions) Microsoft Word 2016 (32-bit edition) Microsoft Word 2016 (64-bit edition)

Details

A security feature bypass vulnerability exists when Outlook [or relevant product] fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images, disclosing the IP address of the targeted system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1230

‏‏‏

Microsoft Rating: Important

Vulnerability Type

VBScript Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008

Details

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.

Intrusion Protection System (IPS) Response

Sig ID: Web Attack: Microsoft Internet Explorer VBScript CVE-2020-1230

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1231

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1232

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Media Foundation Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1233

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1234

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1235

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1236

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Jet Database Engine Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1237

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1238

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Media Foundation Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1239

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Media Foundation Memory Corruption Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1241

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation

Details

A security feature bypass vulnerability exists when Windows Kernel fails to properly sanitize certain parameters.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1242

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Edge Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Edge (EdgeHTML-based) on Microsoft Windows 10 Microsoft Edge (EdgeHTML-based) on Microsoft Windows Server 2019

Details

An information disclosure vulnerability exists in the way that Microsoft Edge handles cross-origin requests. An attacker who successfully exploited this vulnerability could determine the origin of all webpages in the affected browser.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1244

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Connected User Experiences and Telemetry Service Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A denial of service vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could cause a system to stop responding.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1246

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1247

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

 

ID and Rating

CAN/CVE ID: CVE-2020-1251

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1253

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1254

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Modules Installer Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1255

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) IIS module improperly handles uploaded content. An attacker who successfully exploited this vulnerability could upload restricted file types to an IIS-hosted folder.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1257

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1258

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1259

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Host Guardian Service Security Feature Bypass Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A security feature bypass vulnerability exists when Windows Host Guardian Service improperly handles hashes recorded and logged. An attacker who successfully exploited the vulnerability could tamper with the log file.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1261

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1262

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1263

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Error Reporting Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An information disclosure vulnerability exists in the way Windows Error Reporting (WER) handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1264

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1265

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1266

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1268

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Service Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An information disclosure vulnerability exists when a Windows service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1269

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1270

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows WLAN Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way that the wlansvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1271

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Backup Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Microsoft Windows 7 for x64-based Microsoft Windows Server 2008 R2 for Itanium-Based Microsoft Windows Server 2008 R2 for x64-based Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1272

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1273

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1274

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1275

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1276

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1277

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1278

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1279

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Lockscreen Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when Windows Lockscreen fails to properly load spotlight images from a secure location. An attacker who successfully exploited the vulnerability could execute commands with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1280

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Bluetooth Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1282

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1283

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A denial of service vulnerability exists when Windows improperly handles objects in memory. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1284

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows SMBv3 Client/Server Denial of Service Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 2004 (Server Core installation)

Details

A denial of service vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An authenticated attacker who successfully exploited this vulnerability against an SMB Server could cause the affected system to crash. An unauthenticated attacker could also exploit this this vulnerability against an SMB client and cause the affected system to crash.

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1287

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows WalletService Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1289

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Spoofing Vulnerability

Vulnerability Affects

Microsoft SharePoint Foundation 2010 Service Pack 2

Details

A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1290

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Win32k Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1291

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Network Connections Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1292

‏‏‏

Microsoft Rating: Important

Vulnerability Type

OpenSSH for Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in OpenSSH for Windows when it does not properly restrict access to configuration settings. An attacker who successfully exploited this vulnerability could replace the shell with a malicious binary.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1293

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1294

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows WalletService Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1295

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft SharePoint Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Server 2019

Details

An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1296

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Diagnostics & feedback Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An information disclosure vulnerability exists in the way Windows Diagnostics & feedback handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1297

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft SharePoint Server 2019

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1298

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1301

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows SMB Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server.

Intrusion Protection System (IPS) Response

Sig ID: OS Attack: Windows SMB CVE-2020-1301

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1302

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1304

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1305

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows State Repository Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1306

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1307

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1309

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Store Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Microsoft Store Runtime improperly handles memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1310

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Win32k Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1703 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1709 (Server Core Installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1311

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Component Object Model Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when COM client uses special case IIDs. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1312

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Installer Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1313

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Update Orchestrator Service Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1314

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Text Service Framework Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists in Windows Text Service Framework (TSF) when the TSF server fails to properly handle messages sent from TSF clients. An attacker who successfully exploited this vulnerability could run arbitrary code in a privileged process. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1315

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Internet Explorer Information Disclosure Vulnerability

Vulnerability Affects

Microsoft Internet Explorer 11 Microsoft Internet Explorer 9 on Microsoft Windows Server 2008

Details

An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user's system.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1316

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Kernel Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1317

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Group Policy Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 7 for 32-bit Systems Service Pack 1 Microsoft Windows 7 for x64-based Systems Service Pack 1 Microsoft Windows 8.1 for 32-bit Systems Microsoft Windows 8.1 for x64-based Systems Microsoft Windows RT 8.1 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 for Itanium-Based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Microsoft Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1318

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1320

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Office SharePoint XSS Vulnerability

Vulnerability Affects

Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2010 Service Pack 2 Microsoft SharePoint Server 2019

Details

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1321

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Office Remote Code Execution Vulnerability

Vulnerability Affects

Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office 2016 for Mac Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for Mac

Details

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. 

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1322

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Project Information Disclosure Vulnerability

Vulnerability Affects

Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office 2019 for 32-bit editions Microsoft Office 2019 for 64-bit editions Microsoft Project 2010 Service Pack 2 (32-bit editions) Microsoft Project 2010 Service Pack 2 (64-bit editions) Microsoft Project 2013 Service Pack 1 (32-bit editions) Microsoft Project 2013 Service Pack 1 (64-bit editions) Microsoft Project 2016 (32-bit edition) Microsoft Project 2016 (64-bit edition)

Details

An information disclosure vulnerability exists when Microsoft Project software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory, potentially containing sensitive information.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1323

‏‏‏

Microsoft Rating: Important

Vulnerability Type

SharePoint Open Redirect Vulnerability

Vulnerability Affects

Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019

Details

An open redirect vulnerability exists in Microsoft SharePoint that could lead to spoofing.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1324

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists Windows Security Health Service when handles certain objects in memory.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1327

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Team Foundation Server HTML Injection Vulnerability

Vulnerability Affects

Azure DevOps Server 2019 Update 1 Azure DevOps Server 2019 Update 1.1 Azure DevOps Server 2019.0.1

Details

A spoofing vulnerability exists in Microsoft Team Foundation Server when it fails to properly handle web requests. An attacker who successfully exploited the vulnerability could perform script or content injection attacks, and attempt to trick the user into disclosing sensitive information. An attacker could also redirect the user to a malicious website that could spoof content or the vulnerability could be used as a pivot to chain an attack with other vulnerabilities in web services.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1329

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Microsoft Bing Search Spoofing Vulnerability

Vulnerability Affects

Microsoft Bing Search for Android

Details

A spoofing vulnerability exists when Microsoft Bing Search for Android improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was on a legitimate website. The specially crafted website, when browsed using the app could spoof the URL and serve malicious content.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1331

‏‏‏

Microsoft Rating: Important

Vulnerability Type

System Center Spoofing Vulnerability

Vulnerability Affects

System Center 2016 Operations Manager

Details

A spoofing vulnerability exists when System Center does not properly sanitize a specially crafted web request to an affected System Center. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected System Center.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1334

‏‏‏

Microsoft Rating: Important

Vulnerability Type

Windows Runtime Elevation of Privilege Vulnerability

Vulnerability Affects

Microsoft Windows 10 for 32-bit Systems Microsoft Windows 10 for x64-based Systems Microsoft Windows 10 Version 1607 for 32-bit Systems Microsoft Windows 10 Version 1607 for x64-based Systems Microsoft Windows 10 Version 1703 for 32-bit Systems Microsoft Windows 10 Version 1703 for x64-based Systems Microsoft Windows 10 Version 1709 for 32-bit Systems Microsoft Windows 10 Version 1709 for ARM64-based Systems Microsoft Windows 10 Version 1709 for x64-based Systems Microsoft Windows 10 Version 1803 for 32-bit Systems Microsoft Windows 10 Version 1803 for ARM64-based Systems Microsoft Windows 10 Version 1803 for x64-based Systems Microsoft Windows 10 Version 1809 for 32-bit Systems Microsoft Windows 10 Version 1809 for ARM64-based Systems Microsoft Windows 10 Version 1809 for x64-based Systems Microsoft Windows 10 Version 1903 for 32-bit Systems Microsoft Windows 10 Version 1903 for ARM64-based Systems Microsoft Windows 10 Version 1903 for x64-based Systems Microsoft Windows 10 Version 1909 for 32-bit Systems Microsoft Windows 10 Version 1909 for ARM64-based Systems Microsoft Windows 10 Version 1909 for x64-based Systems Microsoft Windows 10 Version 2004 for 32-bit Systems Microsoft Windows 10 Version 2004 for ARM64-based Systems Microsoft Windows 10 Version 2004 for x64-based Systems Microsoft Windows 8.1 for 32-bit systems Microsoft Windows 8.1 for x64-based systems Microsoft Windows RT 8.1 Microsoft Windows Server 2012 Microsoft Windows Server 2012 (Server Core installation) Microsoft Windows Server 2012 R2 Microsoft Windows Server 2012 R2 (Server Core installation) Microsoft Windows Server 2016 Microsoft Windows Server 2016 (Server Core installation) Microsoft Windows Server 2019 Microsoft Windows Server 2019 (Server Core installation) Microsoft Windows Server, version 1709 (Server Core Installation) Microsoft Windows Server, version 1803 (Server Core Installation) Microsoft Windows Server, version 1903 (Server Core installation) Microsoft Windows Server, version 1909 (Server Core installation) Microsoft Windows Server, version 2004 (Server Core installation)

Details

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1340

‏‏‏

Microsoft Rating: Important

Vulnerability Type

NuGetGallery Spoofing Vulnerability

Vulnerability Affects

NuGetGallery

Details

A spoofing vulnerability exists when the NuGetGallery does not properly sanitize input on package metadata values. An attacker who successfully exploited the vulnerability could perform cross-site scripting attacks and run scripts in the security context of the user viewing the malicious content.

Intrusion Protection System (IPS) Response

Sig ID: N/A

Other Detections

AV: N/A

Skeptic: N/A

 

ID and Rating

CAN/CVE ID: CVE-2020-1348

‏‏‏

Microsoft Rating: Important

Vulnerability Type

CVE-2020-1348 Windows GDI Information Disclosure Vulnerability

Vulnerability Affects

N/A

Details

N/A

Intrusion Protection System (IPS) Response

Sig ID: Under Review

Other Detections

AV: Under Review

Skeptic: N/A