Msrc Windows Server 2012 vulnerabilities

CVE-2021-1708 [MEDIUM] Windows GDI+ Information Disclosure Vulnerability Windows GDI+ Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Microsoft Graphics Component: Microsoft Graphics Component Micro

CVE-2021-1699 [MEDIUM] Windows (modem.sys) Information Disclosure Vulnerability Windows (modem.sys) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Publicly Disclosed:N

CVE-2021-1696 [MEDIUM] Windows Graphics Component Information Disclosure Vulnerability Windows Graphics Component Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure

CVE-2021-1656 [MEDIUM] TPM Device Driver Information Disclosure Vulnerability TPM Device Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Windows TPM Device Driver: Windows TPM Device Driver M

CVE-2021-1679 [MEDIUM] Windows CryptoAPI Denial of Service Vulnerability Windows CryptoAPI Denial of Service Vulnerability Windows CryptoAPI: Windows CryptoAPI Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4598242 Reference: https://

CVE-2020-17140 [HIGH] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability FAQ: Does this security update target the Server or Client side? In this case the fix targets both sides. Specifically the smb2.srv binary is the primary fix target, which is housed on both sides of the connection. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this

CVE-2020-17092 [HIGH] Windows Network Connections Service Elevation of Privilege Vulnerability Windows Network Connections Service Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Sea

CVE-2020-17096 [HIGH] Windows NTFS Remote Code Execution Vulnerability Windows NTFS Remote Code Execution Vulnerability FAQ: How would an attacker exploit this vulnerability? A local attacker could run a specially crafted application that would elevate the attacker's privileges. A remote attacker with SMBv2 access to a vulnerable system could send specially crafted requests over a network to exploit this vulnerability and execute code on the target system. Windows SMB: Windows SMB Microsoft:

CVE-2020-17098 [MEDIUM] Windows GDI+ Information Disclosure Vulnerability Windows GDI+ Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Microsoft Graphics Component: Microsoft Graphics Component Micr

CVE-2020-16996 [MEDIUM] Kerberos Security Feature Bypass Vulnerability Kerberos Security Feature Bypass Vulnerability FAQ: Does this security fix require any additional steps in order to be protected from this issue? Yes, for guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see Managing deployment of RBCD/Protected User changes for CVE-2020-16996. Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Requi

CVE-2020-17097 [LOW] Windows Digital Media Receiver Elevation of Privilege Vulnerability Windows Digital Media Receiver Elevation of Privilege Vulnerability Windows Media: Windows Media Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB459243

CVE-2020-17051 [CRITICAL] Windows Network File System Remote Code Execution Vulnerability Windows Network File System Remote Code Execution Vulnerability FAQ: What is the attack vector for this vulnerability? In a network-based attack an attacker with write access to an NFS share could execute code remotely within the kernel. Is this CVE wormable? This CVE is wormable between machines hosting writable NFS shares. Where should the customer be applying the update? The vulnerability only exists in

CVE-2020-17011 [HIGH] Windows Port Class Library Elevation of Privilege Vulnerability Windows Port Class Library Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q

CVE-2020-17001 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785

CVE-2020-17068 [HIGH] Windows GDI+ Remote Code Execution Vulnerability Windows GDI+ Remote Code Execution Vulnerability Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB458678

CVE-2020-17044 [HIGH] Windows Remote Access Elevation of Privilege Vulnerability Windows Remote Access Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586781

CVE-2020-17088 [HIGH] Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Referen

CVE-2020-17038 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785 Refere

CVE-2020-17042 [HIGH] Windows Print Spooler Remote Code Execution Vulnerability Windows Print Spooler Remote Code Execution Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5042881 R

CVE-2020-17024 [HIGH] Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update