Msrc Windows Server Version 1903 vulnerabilities

CVE-2020-17162 [HIGH] Microsoft Windows Security Feature Bypass Vulnerability Microsoft Windows Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? It is a bypass of Extended Protection for Authentication(EPA) where Service Principle Name could allow Windows store UAP applications to elevate privileges. Microsoft Windows: Microsoft Windows Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status

CVE-2020-17103 [HIGH] Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/si

CVE-2020-17092 [HIGH] Windows Network Connections Service Elevation of Privilege Vulnerability Windows Network Connections Service Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Sea

CVE-2020-16962 [HIGH] Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine: Windows Backup Engine Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592438

CVE-2020-17136 [HIGH] Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/si

CVE-2020-17096 [HIGH] Windows NTFS Remote Code Execution Vulnerability Windows NTFS Remote Code Execution Vulnerability FAQ: How would an attacker exploit this vulnerability? A local attacker could run a specially crafted application that would elevate the attacker's privileges. A remote attacker with SMBv2 access to a vulnerable system could send specially crafted requests over a network to exploit this vulnerability and execute code on the target system. Windows SMB: Windows SMB Microsoft:

CVE-2020-16958 [HIGH] Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine: Windows Backup Engine Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592438

CVE-2020-16964 [HIGH] Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine: Windows Backup Engine Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592438

CVE-2020-17134 [HIGH] Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/si

CVE-2020-17095 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code when it fails to properly validate vSMB packet data. Windows Hyper-V: Windows Hyper-V Microsoft: Microsoft Customer Action Required: Y

CVE-2020-16960 [HIGH] Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine: Windows Backup Engine Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592438

CVE-2020-16959 [HIGH] Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine: Windows Backup Engine Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592438

CVE-2020-16961 [HIGH] Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine: Windows Backup Engine Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592438

CVE-2020-17139 [HIGH] Windows Overlay Filter Security Feature Bypass Vulnerability Windows Overlay Filter Security Feature Bypass Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592438 R

CVE-2020-16963 [HIGH] Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine Elevation of Privilege Vulnerability Windows Backup Engine: Windows Backup Engine Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4592446

CVE-2020-17094 [MEDIUM] Windows Error Reporting Information Disclosure Vulnerability Windows Error Reporting Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. Windows Error Reporting: Windows Error Reporting Microsoft: Microsoft Customer Action Required: Yes Impac

CVE-2020-16996 [MEDIUM] Kerberos Security Feature Bypass Vulnerability Kerberos Security Feature Bypass Vulnerability FAQ: Does this security fix require any additional steps in order to be protected from this issue? Yes, for guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see Managing deployment of RBCD/Protected User changes for CVE-2020-16996. Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Requi

CVE-2020-17097 [LOW] Windows Digital Media Receiver Elevation of Privilege Vulnerability Windows Digital Media Receiver Elevation of Privilege Vulnerability Windows Media: Windows Media Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB459243

CVE-2020-17051 [CRITICAL] Windows Network File System Remote Code Execution Vulnerability Windows Network File System Remote Code Execution Vulnerability FAQ: What is the attack vector for this vulnerability? In a network-based attack an attacker with write access to an NFS share could execute code remotely within the kernel. Is this CVE wormable? This CVE is wormable between machines hosting writable NFS shares. Where should the customer be applying the update? The vulnerability only exists in

CVE-2020-17076 [HIGH] Windows Update Orchestrator Service Elevation of Privilege Vulnerability Windows Update Orchestrator Service Elevation of Privilege Vulnerability Windows Update Stack: Windows Update Stack Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.c