Msrc Windows Server 2012 R2 vulnerabilities

CVE-2020-17087 [HIGH] Windows Kernel Local Elevation of Privilege Vulnerability Windows Kernel Local Elevation of Privilege Vulnerability Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:Yes;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785 Reference:

CVE-2020-17043 [HIGH] Windows Remote Access Elevation of Privilege Vulnerability Windows Remote Access Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785

CVE-2020-17026 [HIGH] Windows Remote Access Elevation of Privilege Vulnerability Windows Remote Access Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785

CVE-2020-17047 [HIGH] Windows Network File System Denial of Service Vulnerability Windows Network File System Denial of Service Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586781 R

CVE-2020-17033 [HIGH] Windows Remote Access Elevation of Privilege Vulnerability Windows Remote Access Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785

CVE-2020-16997 [HIGH] Remote Desktop Protocol Server Information Disclosure Vulnerability Remote Desktop Protocol Server Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized read access to Windows RDP server process. Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Infor

CVE-2020-17014 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586786

CVE-2020-17029 [MEDIUM] Windows Canonical Display Driver Information Disclosure Vulnerability Windows Canonical Display Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Microsoft Graphics Compo

CVE-2020-17004 [MEDIUM] Windows Graphics Component Information Disclosure Vulnerability Windows Graphics Component Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Microsoft Graphics Component: Microsoft Graphics Compone

CVE-2020-17040 [MEDIUM] Windows Hyper-V Security Feature Bypass Vulnerability Windows Hyper-V Security Feature Bypass Vulnerability FAQ: What configurations or versions could be at risk from this vulnerability? This bypass could affect any Hyper-V configurations that are using Router Guard. What is the exposure if the vulnerability was bypassed? Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencin

CVE-2020-17049 [MEDIUM] Kerberos KDC Security Feature Bypass Vulnerability Kerberos KDC Security Feature Bypass Vulnerability Description: A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to a

CVE-2020-1599 [MEDIUM] Windows Spoofing Vulnerability Windows Spoofing Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Spoofing Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785 Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx

CVE-2020-17045 [MEDIUM] Windows KernelStream Information Disclosure Vulnerability Windows KernelStream Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Microsoft Windows: Microsoft Windows Microsoft:

CVE-2020-17069 [MEDIUM] Windows NDIS Information Disclosure Vulnerability Windows NDIS Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Windows NDIS: Windows NDIS Microsoft: Microsoft Customer Actio

CVE-2020-17056 [MEDIUM] Windows Network File System Information Disclosure Vulnerability Windows Network File System Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Microsoft Windows: Microsoft Windows Microsoft: Microso

CVE-2020-17036 [MEDIUM] Windows Function Discovery SSDP Provider Information Disclosure Vulnerability Windows Function Discovery SSDP Provider Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Microsof

CVE-2020-17000 [MEDIUM] Remote Desktop Protocol Client Information Disclosure Vulnerability Remote Desktop Protocol Client Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Statu

CVE-2020-16911 [HIGH] GDI+ Remote Code Execution Vulnerability GDI+ Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are con

CVE-2020-16920 [HIGH] Windows Application Compatibility Client Library Elevation of Privilege Vulnerability Windows Application Compatibility Client Library Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations. An attacker who successfully exploited this vulnerability could gain elevated privileges. To exploit the vulnerability, an attacker would first nee

CVE-2020-16902 [HIGH] Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create n