KLA11744Multiple vulnerabilities in Microsoft Windows

2020-04-14T00:00:00
ID KLA11744
Type kaspersky
Reporter Kaspersky Lab
Modified 2020-09-10T00:00:00

Description

Detect date:

04/14/2020

Severity:

Critical

Description:

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service, bypass security restrictions.

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Affected products:

Windows 10 Version 1903 for 32-bit Systems
Windows Server 2008 for x64-based Systems Service Pack 2
Windows 10 Version 1903 for ARM64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1903 for x64-based Systems
Windows 10 Version 1809 for 32-bit Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server, version 1903 (Server Core installation)
Windows 10 for 32-bit Systems
Windows 7 for 32-bit Systems Service Pack 1
Windows 10 Version 1607 for x64-based Systems
Windows Server 2019
Windows Server 2008 for Itanium-Based Systems Service Pack 2
Windows Server 2016
Windows 10 Version 1909 for x64-based Systems
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows 10 Version 1709 for x64-based Systems
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows 10 Version 1909 for ARM64-based Systems
Windows Server 2016 (Server Core installation)
Windows 10 Version 1607 for 32-bit Systems
Windows Server 2012 R2
Windows 10 Version 1909 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 10 Version 1803 for x64-based Systems
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
Windows 8.1 for 32-bit systems
Windows Server, version 1909 (Server Core installation)
Windows 10 Version 1709 for 32-bit Systems
Windows Server, version 1803 (Server Core Installation)
Windows RT 8.1
Windows 10 Version 1803 for ARM64-based Systems
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2019 (Server Core installation)
Windows 8.1 for x64-based systems
Windows Server 2012 (Server Core installation)
Windows 10 Version 1803 for 32-bit Systems
Windows 10 Version 1809 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2012
Windows Server 2012 R2 (Server Core installation)
Windows 10 Version 1709 for ARM64-based Systems

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2020-0987
CVE-2020-0985
CVE-2020-0982
CVE-2020-0983
CVE-2020-0981
CVE-2020-0960
CVE-2020-0962
CVE-2020-0956
CVE-2020-0964
CVE-2020-0965
CVE-2020-0988
CVE-2020-0942
CVE-2020-0959
CVE-2020-1015
CVE-2020-1014
CVE-2020-0946
CVE-2020-0947
CVE-2020-1011
CVE-2020-0958
CVE-2020-0907
CVE-2020-0948
CVE-2020-0949
CVE-2020-0889
CVE-2020-0945
CVE-2020-1007
CVE-2020-1094
CVE-2020-0784
CVE-2020-0910
CVE-2020-1003
CVE-2020-0913
CVE-2020-0687
CVE-2020-0953
CVE-2020-1029
CVE-2020-0995
CVE-2020-0994
CVE-2020-0944
CVE-2020-0996
CVE-2020-0993
CVE-2020-0992
CVE-2020-0821
CVE-2020-0999
CVE-2020-1000
CVE-2020-0950
CVE-2020-0939
CVE-2020-0952
CVE-2020-0955
CVE-2020-0918
CVE-2020-1006
CVE-2020-0888
CVE-2020-1008
CVE-2020-1009
CVE-2020-0917
CVE-2020-0937
CVE-2020-1027
CVE-2020-0936
CVE-2020-0934
CVE-2020-1020
CVE-2020-1017
CVE-2020-1016
CVE-2020-0794
CVE-2020-0940
CVE-2020-0938
CVE-2020-1001
CVE-2020-1004
CVE-2020-0699
CVE-2020-1005

Impacts:

ACE

Related products:

Microsoft Windows

CVE-IDS:

CVE-2020-09872.1Warning
CVE-2020-09822.1Warning
CVE-2020-08899.3Critical
CVE-2020-09609.3Critical
CVE-2020-09622.1Warning
CVE-2020-10072.1Warning
CVE-2020-09649.3Critical
CVE-2020-09654.6Warning
CVE-2020-09889.3Critical
CVE-2020-09599.3Critical
CVE-2020-10157.2High
CVE-2020-10147.2High
CVE-2020-09464.3Warning
CVE-2020-10117.2High
CVE-2020-10097.2High
CVE-2020-09079.3Critical
CVE-2020-10947.2High
CVE-2020-06879.3Critical
CVE-2020-09959.3Critical
CVE-2020-09949.3Critical
CVE-2020-09936.8High
CVE-2020-09929.3Critical
CVE-2020-08212.1Warning
CVE-2020-09999.3Critical
CVE-2020-10007.2High
CVE-2020-09539.3Critical
CVE-2020-09524.3Warning
CVE-2020-10047.2High
CVE-2020-10052.1Warning
CVE-2020-09567.2High
CVE-2020-10089.3Critical
CVE-2020-09587.2High
CVE-2020-10206.8High
CVE-2020-10277.2High
CVE-2020-09386.8High
CVE-2020-09552.1Warning
CVE-2020-09857.2High
CVE-2020-09837.2High
CVE-2020-09814.6Warning
CVE-2020-09423.6Warning
CVE-2020-09474.3Warning
CVE-2020-09489.3Critical
CVE-2020-09499.3Critical
CVE-2020-09454.3Warning
CVE-2020-07847.2High
CVE-2020-09107.7Critical
CVE-2020-10037.2High
CVE-2020-09137.2High
CVE-2020-10297.2High
CVE-2020-09444.6Warning
CVE-2020-09967.2High
CVE-2020-09509.3Critical
CVE-2020-09394.3Warning
CVE-2020-09187.4High
CVE-2020-10067.2High
CVE-2020-08887.2High
CVE-2020-09177.4High
CVE-2020-09374.3Warning
CVE-2020-09363.6Warning
CVE-2020-09344.6Warning
CVE-2020-10177.2High
CVE-2020-10162.1Warning
CVE-2020-07944.9Warning
CVE-2020-09407.2High
CVE-2020-10017.2High
CVE-2020-06992.1Warning

KB list:

4549949
4550927
4550929
4550917
4549951
4550971
4550961
4550922
4550930
4550970
4571692
4571694

Microsoft official advisories: