Msrc Windows Server 2008 R2 vulnerabilities

CVE-2020-0772 [HIGH] Windows Error Reporting Elevation of Privilege Vulnerability Windows Error Reporting Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correct

CVE-2020-0860 [HIGH] Windows ActiveX Installer Service Elevation of Privilege Vulnerability Windows ActiveX Installer Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addr

CVE-2020-0803 [HIGH] Windows Network Connections Service Elevation of Privilege Vulnerability Windows Network Connections Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially c

CVE-2020-0787 [HIGH] Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status. To exploit this vulnerabilit

CVE-2020-0842 [HIGH] Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system. After successfully exploiting the vulnerability, an attacker could run arbitrary code with elevated privileges

CVE-2020-0774 [MEDIUM] Windows GDI Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a special

CVE-2020-0879 [MEDIUM] Windows GDI Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could allow arbitrary code to be run if the attacker uses it in combina

CVE-2020-0883 [HIGH] GDI+ Remote Code Execution Vulnerability GDI+ Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are conf

CVE-2020-0881 [HIGH] GDI+ Remote Code Execution Vulnerability GDI+ Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are conf

CVE-2020-0871 [MEDIUM] Windows Network Connections Service Information Disclosure Vulnerability Windows Network Connections Service Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could potentially disclose memory contents of an elevated process. To exploit this vulnerability, an authenticated attacker coul

CVE-2020-0880 [MEDIUM] Windows GDI Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a special

CVE-2020-0882 [MEDIUM] Windows GDI Information Disclosure Vulnerability Windows GDI Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a special

CVE-2020-0853 [MEDIUM] Windows Imaging Component Information Disclosure Vulnerability Windows Imaging Component Information Disclosure Vulnerability Description: An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user's system. There are multiple ways an attacker could exploit this vulnerability: In a

CVE-2020-0885 [MEDIUM] Windows Graphics Component Information Disclosure Vulnerability Windows Graphics Component Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise a user’s system. There are multiple ways an attacker could exploit the vulnerability, such as by convinc

CVE-2020-0686 [HIGH] Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially cr

CVE-2020-0745 [HIGH] Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted applicatio

CVE-2020-0682 [HIGH] Windows Function Discovery Service Elevation of Privilege Vulnerability Windows Function Discovery Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially craf

CVE-2020-0667 [HIGH] Windows Search Indexer Elevation of Privilege Vulnerability Windows Search Indexer Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update

CVE-2020-0724 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an

CVE-2020-0722 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an