Msrc Windows Server Version 1903 vulnerabilities

CVE-2020-1566 [MEDIUM] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerabilit

CVE-2020-1490 [HIGH] Windows Storage Service Elevation of Privilege Vulnerability Windows Storage Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system. To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially craf

CVE-2020-1525 [HIGH] Media Foundation Memory Corruption Vulnerability Media Foundation Memory Corruption Vulnerability Description: A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory. An attacker who successfully exploited the vulnerability could install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to

CVE-2020-1470 [HIGH] Windows Work Folders Service Elevation of Privilege Vulnerability Windows Work Folders Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulne

CVE-2020-1480 [HIGH] Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this v

CVE-2020-1561 [HIGH] Microsoft Graphics Components Remote Code Execution Vulnerability Microsoft Graphics Components Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted file. The security update addresse

CVE-2020-1527 [HIGH] Windows Custom Protocol Engine Elevation of Privilege Vulnerability Windows Custom Protocol Engine Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Custom Protocol Engine improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the

CVE-2020-1509 [HIGH] Local Security Authority Subsystem Service Elevation of Privilege Vulnerability Local Security Authority Subsystem Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the Local Security Authority Subsystem Service (LSASS) when an authenticated attacker sends a specially crafted authentication request. A remote attacker who successfully exploited this vulnerability could cause an elevation of privilege on the target sys

CVE-2020-1511 [HIGH] Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by runnin

CVE-2020-1550 [HIGH] Windows CDP User Components Elevation of Privilege Vulnerability Windows CDP User Components Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerabi

CVE-2020-1534 [HIGH] Windows Backup Service Elevation of Privilege Vulnerability Windows Backup Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability

CVE-2020-1549 [HIGH] Windows CDP User Components Elevation of Privilege Vulnerability Windows CDP User Components Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows CDP User Components improperly handle memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerabi

CVE-2020-1521 [HIGH] Windows Speech Runtime Elevation of Privilege Vulnerability Windows Speech Runtime Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Speech Runtime improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correc

CVE-2020-1479 [HIGH] DirectX Elevation of Privilege Vulnerability DirectX Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have t

CVE-2020-1475 [HIGH] Windows Server Resource Management Service Elevation of Privilege Vulnerability Windows Server Resource Management Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in the way that the srmsvc.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted appl

CVE-2020-1552 [HIGH] Windows Work Folder Service Elevation of Privilege Vulnerability Windows Work Folder Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. The

CVE-2020-1488 [HIGH] Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Windows AppX Deployment Extensions Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files. To exploit this vulnerability, an authenticated attacker would need to run a specially crafted application to elevate privileges. The security update a

CVE-2020-1484 [HIGH] Windows Work Folders Service Elevation of Privilege Vulnerability Windows Work Folders Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows Work Folders Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulne

CVE-2020-1518 [HIGH] Windows File Server Resource Management Service Elevation of Privilege Vulnerability Windows File Server Resource Management Service Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists when the Windows File Server Resource Management Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to el

CVE-2020-1487 [HIGH] Media Foundation Information Disclosure Vulnerability Media Foundation Information Disclosure Vulnerability Description: An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log onto an affected system and open a specially crafted file. In a w