Msrc Windows 10 Version 1903 For Arm64-Based Systems vulnerabilities

CVE-2020-17139 [HIGH] Windows Overlay Filter Security Feature Bypass Vulnerability Windows Overlay Filter Security Feature Bypass Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592438 R

CVE-2020-17076 [HIGH] Windows Update Orchestrator Service Elevation of Privilege Vulnerability Windows Update Orchestrator Service Elevation of Privilege Vulnerability Windows Update Stack: Windows Update Stack Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.c

CVE-2020-17074 [HIGH] Windows Update Orchestrator Service Elevation of Privilege Vulnerability Windows Update Orchestrator Service Elevation of Privilege Vulnerability Windows Update Stack: Windows Update Stack Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.c

CVE-2020-17010 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586786 Reference: https://support.m

CVE-2020-17073 [HIGH] Windows Update Orchestrator Service Elevation of Privilege Vulnerability Windows Update Orchestrator Service Elevation of Privilege Vulnerability Windows Update Stack: Windows Update Stack Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.c

CVE-2020-17012 [HIGH] Windows Bind Filter Driver Elevation of Privilege Vulnerability Windows Bind Filter Driver Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q

CVE-2020-16877 [HIGH] Windows Elevation of Privilege Vulnerability Windows Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points. An attacker who successfully exploited this vulnerability could overwrite or delete a targeted file that would normally require elevated permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a speci

CVE-2020-16895 [HIGH] Windows Error Reporting Manager Elevation of Privilege Vulnerability Windows Error Reporting Manager Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash. An attacker who successfully exploited this vulnerability could delete a targeted file leading to an elevated status. To exploit this vulnerability, an attacker would first have to log on to the system. An

CVE-2020-16885 [HIGH] Windows Storage VSP Driver Elevation of Privilege Vulnerability Windows Storage VSP Driver Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Storage VSP Driver improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first need code execution on a victim system. An attacker could then run a spec

CVE-2020-17022 [HIGH] Microsoft Windows Codecs Library Remote Code Execution Vulnerability Microsoft Windows Codecs Library Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code. Exploitation of the vulnerability requires that a program process a specially crafted image file. The update addresses

CVE-2020-16908 [HIGH] Windows Setup Elevation of Privilege Vulnerability Windows Setup Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Windows Setup in the way it handles directories. A locally authenticated attacker could run arbitrary code with elevated system privileges. After successfully exploiting the vulnerability, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. The se

CVE-2020-1532 [HIGH] Windows InstallService Elevation of Privilege Vulnerability Windows InstallService Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows InstallService improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correc

CVE-2020-1507 [HIGH] Microsoft COM for Windows Elevation of Privilege Vulnerability Microsoft COM for Windows Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the way that Microsoft COM for Windows handles objects in memory. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, a user would have to open a specially crafted file. The security update addresses t

CVE-2020-0870 [HIGH] Shell infrastructure component Elevation of Privilege Vulnerability Shell infrastructure component Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Shell infrastructure component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could

CVE-2020-1592 [MEDIUM] Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. The update addresses t

CVE-2020-0890 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Description: A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system. To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. The security

CVE-2020-1122 [MEDIUM] Windows Language Pack Installer Elevation of Privilege Vulnerability Windows Language Pack Installer Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the vict

CVE-2020-16879 [MEDIUM] Projected Filesystem Information Disclosure Vulnerability Projected Filesystem Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could

CVE-2020-1119 [MEDIUM] Windows Information Disclosure Vulnerability Windows Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when StartTileData.dll improperly handles objects in memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addr

CVE-2020-1303 [MEDIUM] Windows Runtime Elevation of Privilege Vulnerability Windows Runtime Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The update addresses the vulne