Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA11743
HistoryApr 14, 2020 - 12:00 a.m.

KLA11743 Multiple vulnerabilities in Microsoft products (ESU)

2020-04-1400:00:00
Kaspersky Lab
threats.kaspersky.com
58

9.5 High

AI Score

Confidence

High

0.955 High

EPSS

Percentile

99.4%

JSON

Multiple vulnerabilities were found in Microsoft products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

  1. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  2. An information disclosure vulnerability in Microsoft Graphics Component can be exploited remotely via specially crafted application to obtain sensitive information.
  3. A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
  4. An information disclosure vulnerability in Win32k can be exploited remotely via specially crafted application to obtain sensitive information.
  5. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
  6. A remote code execution vulnerability in GDI+ can be exploited remotely via specially crafted website to execute arbitrary code.
  7. A remote code execution vulnerability in Microsoft Windows Codecs Library can be exploited remotely via specially crafted image to execute arbitrary code.
  8. A remote code execution vulnerability in VBScript can be exploited remotely via specially crafted website to execute arbitrary code.
  9. An elevation of privilege vulnerability in Windows can be exploited remotely via specially crafted application to gain privileges.
  10. An elevation of privilege vulnerability in Microsoft Windows Update Client can be exploited remotely via specially crafted application to gain privileges.
  11. An information disclosure vulnerability in Media Foundation can be exploited remotely via specially crafted file to obtain sensitive information.
  12. A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
  13. A remote code execution vulnerability in Windows VBScript Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  14. An elevation of privilege vulnerability in Windows Work Folder Service can be exploited remotely via specially crafted application to gain privileges.
  15. A remote code execution vulnerability in Microsoft Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
  16. A denial of service vulnerability in Windows DNS can be exploited remotely to cause denial of service.
  17. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via specially crafted application to gain privileges.
  18. An information disclosure vulnerability in Windows GDI can be exploited remotely via specially crafted document to obtain sensitive information.
  19. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely via specially crafted application to gain privileges.
  20. An elevation of privilege vulnerability in Win32k can be exploited remotely via specially crafted application to gain privileges.
  21. A remote code execution vulnerability in Adobe Font Manager Library can be exploited remotely via specially crafted document to execute arbitrary code.
  22. An information disclosure in CPU Memory Access can be exploited remotely via specially crafted application to obtain sensitive information.

Original advisories

CVE-2020-0968

CVE-2020-0987

CVE-2020-0982

CVE-2020-0889

CVE-2020-0960

CVE-2020-0962

CVE-2020-1007

CVE-2020-0964

CVE-2020-0965

CVE-2020-0988

CVE-2020-0967

CVE-2020-0959

CVE-2020-1015

CVE-2020-1014

CVE-2020-0946

CVE-2020-1011

CVE-2020-1009

CVE-2020-0907

CVE-2020-0895

CVE-2020-1094

CVE-2020-0687

CVE-2020-0995

CVE-2020-0994

CVE-2020-0993

CVE-2020-0992

CVE-2020-0821

CVE-2020-0999

CVE-2020-1000

CVE-2020-0953

CVE-2020-0952

CVE-2020-1004

CVE-2020-1005

CVE-2020-0957

CVE-2020-0956

CVE-2020-1008

CVE-2020-0958

CVE-2020-1020

CVE-2020-1027

CVE-2020-0938

CVE-2020-0966

CVE-2020-0955

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Microsoft-Windows-10

CVE list

CVE-2020-0968 critical

CVE-2020-0987 warning

CVE-2020-0982 warning

CVE-2020-0889 critical

CVE-2020-0960 critical

CVE-2020-0962 warning

CVE-2020-1007 warning

CVE-2020-0964 critical

CVE-2020-0965 warning

CVE-2020-0988 critical

CVE-2020-0967 critical

CVE-2020-0959 critical

CVE-2020-1015 high

CVE-2020-1014 high

CVE-2020-0946 warning

CVE-2020-1011 high

CVE-2020-1009 high

CVE-2020-0907 critical

CVE-2020-0895 critical

CVE-2020-1094 high

CVE-2020-0687 critical

CVE-2020-0995 critical

CVE-2020-0994 critical

CVE-2020-0993 high

CVE-2020-0992 critical

CVE-2020-0821 warning

CVE-2020-0999 critical

CVE-2020-1000 high

CVE-2020-0953 critical

CVE-2020-0952 warning

CVE-2020-1004 high

CVE-2020-1005 warning

CVE-2020-0957 high

CVE-2020-0956 high

CVE-2020-1008 critical

CVE-2020-0958 high

CVE-2020-1020 high

CVE-2020-1027 high

CVE-2020-0938 high

CVE-2020-0966 critical

CVE-2020-0955 warning

KB list

4550951

4550964

4550957

4550905

4550965

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

  • Windows 10 Version 1903 for 32-bit SystemsWindows Server 2008 for x64-based Systems Service Pack 2Internet Explorer 9Windows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows 10 for 32-bit SystemsWindows 7 for 32-bit Systems Service Pack 1Windows 10 Version 1607 for x64-based SystemsWindows Server 2019Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2016Windows 10 Version 1909 for x64-based SystemsWindows Server 2008 for 32-bit Systems Service Pack 2Windows 10 Version 1709 for x64-based SystemsWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows 10 Version 1909 for ARM64-based SystemsWindows Server 2016 (Server Core installation)Windows 10 Version 1607 for 32-bit SystemsWindows Server 2012 R2Windows 10 Version 1909 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1709 for 32-bit SystemsWindows Server, version 1803 (Server Core Installation)Internet Explorer 11Windows RT 8.1Windows 10 Version 1803 for ARM64-based SystemsWindows 7 for x64-based Systems Service Pack 1Windows Server 2019 (Server Core installation)Windows 8.1 for x64-based systemsWindows Server 2012 (Server Core installation)Windows 10 Version 1803 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows 10 Version 1709 for ARM64-based Systems

References

Related

mskb 15
nessus 11
openvas 8
prion 39
cvelist 39
kaspersky 2
googleprojectzero 2
krebs 1
threatpost 2
attackerkb 4
avleonov 1
thn 1
mscve 28
cve 28
checkpoint_advisories 4
cisa_kev 3
zdi 8
githubexploit 1
cnvd 1
huawei 1
mskb
mskb
April 14, 2020—KB4550951 (Monthly Rollup)
2020-04-14 07:00:00
April 14, 2020—KB4550965 (Security-only update)
2020-04-14 07:00:00
April 14, 2020—KB4550964 (Monthly Rollup)
2020-04-14 07:00:00
nessus
nessus
KB4550957: Windows Server 2008 April 2020 Security Update
2020-04-14 00:00:00
KB4550965: Windows 7 and Windows Server 2008 R2 April 2020 Security Update
2020-04-14 00:00:00
KB4550970: Windows 8.1 and Windows Server 2012 R2 April 2020 Security Update
2020-04-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4550964)
2020-04-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4550961)
2020-04-15 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4550930)
2020-04-15 00:00:00
prion
prion
Remote code execution
2020-04-15 15:15:00
Remote code execution
2020-04-15 15:15:00
Remote code execution
2020-04-15 15:15:00
cvelist
cvelist
CVE-2020-0960
2020-04-15 15:13:04
CVE-2020-0999
2020-04-15 15:13:19
CVE-2020-0889
2020-04-15 15:12:43
kaspersky
kaspersky
KLA11744 Multiple vulnerabilities in Microsoft Windows
2020-04-14 00:00:00
KLA11749 Multiple vulnerabilities in Microsoft Browsers
2020-04-14 00:00:00
googleprojectzero
googleprojectzero
In-the-Wild Series: Windows Exploits
2021-01-12 00:00:00
Introducing the In-the-Wild Series
2021-01-12 00:00:00
krebs
krebs
Microsoft Patch Tuesday, April 2020 Edition
2020-04-14 22:24:10
threatpost
threatpost
Sophisticated Hacks Against Android, Windows Reveal Zero-Day Trove
2021-01-13 16:57:39
April Patch Tuesday: Microsoft Battles 4 Bugs Under Active Exploit
2020-04-14 19:45:49
attackerkb
attackerkb
ADV200006 - Type 1 Font Parsing Remote Code Execution Vulnerability in Windows
2020-04-15 00:00:00
CVE-2020-1020
2020-04-15 00:00:00
CVE-2020-1015
2020-04-15 00:00:00
avleonov
avleonov
Microsoft Patch Tuesday April 2020: my classification script, confusing RCE in Adobe Type Manager and updates for older vulnerabilities
2020-04-26 01:24:38
thn
thn
Microsoft Issues Patches for 3 Bugs Exploited as Zero-Day in the Wild
2020-04-14 18:24:00
mscve
mscve
Windows GDI Information Disclosure Vulnerability
2020-04-14 07:00:00
Win32k Elevation of Privilege Vulnerability
2020-04-14 07:00:00
VBScript Remote Code Execution Vulnerability
2020-04-14 07:00:00
cve
cve
CVE-2020-0966
2020-04-15 15:15:18
CVE-2020-0958
2020-04-15 15:15:17
CVE-2020-1008
2020-04-15 15:15:20
checkpoint_advisories
checkpoint_advisories
Microsoft Win32k Elevation of Privilege (CVE-2020-0956)
2020-04-14 00:00:00
Microsoft OpenType Font Parsing Remote Code Execution (CVE-2020-0938)
2020-04-14 00:00:00
Microsoft Windows Kernel Elevation of Privilege (CVE-2020-1027)
2020-04-14 00:00:00
cisa_kev
cisa_kev
Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability
2021-11-03 00:00:00
Microsoft Windows Kernel Privilege Escalation Vulnerability
2022-05-23 00:00:00
Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability
2021-11-03 00:00:00
zdi
zdi
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability
2020-04-15 00:00:00
Microsoft Windows JET Database Engine Memory Corruption Remote Code Execution Vulnerability
2020-04-15 00:00:00
Microsoft Windows JET Database Engine Out-Of-Bounds Write Remote Code Execution Vulnerability
2020-04-15 00:00:00
githubexploit
githubexploit
Exploit for Out-of-bounds Write in Microsoft
2021-06-10 06:23:59
cnvd
cnvd
Microsoft Windows and Microsoft Windows Server Remote Code Execution Vulnerability (CNVD-2021-76466)
2020-04-17 00:00:00
huawei
huawei
Security Advisory - Elevation of Privilege Vulnerability in Some Microsoft Windows Systems
2020-08-05 00:00:00

9.5 High

AI Score

Confidence

High

0.955 High

EPSS

Percentile

99.4%

JSON
Related for KLA11743
mskb15nessus11openvas8prion39cvelist39kaspersky2googleprojectzero2krebs1threatpost2attackerkb4avleonov1thn1mscve28cve28checkpoint_advisories4cisa_kev3zdi8githubexploit1cnvd1huawei1