Lucene search

K
kasperskyKaspersky LabKLA12004
HistoryNov 10, 2020 - 12:00 a.m.

KLA12004 Multiple vulnerabilities in Microsoft Windows

2020-11-1000:00:00
Kaspersky Lab
threats.kaspersky.com
75
microsoft windows
vulnerabilities
remote code execution
elevation of privilege
information disclosure
security restrictions bypass
denial of service
ui spoofing
sensitive information
microsoft defender for endpoint
windows hyper-v
kerberos kdc
heif image extensions
webp image extensions
hevc video extensions
remote desktop protocol client
win32k
ndis
msctf server
windows graphics component
gdi+

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.365

Percentile

97.3%

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Microsoft Raw Image Extension can be exploited remotely to obtain sensitive information.
  2. A remote code execution vulnerability in Raw Image Extension can be exploited remotely to execute arbitrary code.
  3. An elevation of privilege vulnerability in Windows USO Core Worker can be exploited remotely to gain privileges.
  4. A security feature bypass vulnerability in Kerberos KDC can be exploited remotely to bypass security restrictions.
  5. An elevation of privilege vulnerability in Windows Kernel Local can be exploited remotely to gain privileges.
  6. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
  7. An information disclosure vulnerability in Windows KernelStream can be exploited remotely to obtain sensitive information.
  8. A denial of service vulnerability in Windows Error Reporting can be exploited remotely to cause denial of service.
  9. A denial of service vulnerability in Windows Network File System can be exploited remotely to cause denial of service.
  10. A security feature bypass vulnerability in Windows Hyper-V can be exploited remotely to bypass security restrictions.
  11. An elevation of privilege vulnerability in Windows Print Configuration can be exploited remotely to gain privileges.
  12. A remote code execution vulnerability in Windows Print Spooler can be exploited remotely to execute arbitrary code.
  13. An elevation of privilege vulnerability in Windows Remote Access can be exploited remotely to gain privileges.
  14. A remote code execution vulnerability in HEIF Image Extensions can be exploited remotely to execute arbitrary code.
  15. An information disclosure vulnerability in WebP Image Extensions can be exploited remotely to obtain sensitive information.
  16. A remote code execution vulnerability in HEVC Video Extensions can be exploited remotely to execute arbitrary code.
  17. An information disclosure vulnerability in Windows Canonical Display Driver can be exploited remotely to obtain sensitive information.
  18. An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely to obtain sensitive information.
  19. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
  20. An elevation of privilege vulnerability in Windows Client Side Rendering Print Provider can be exploited remotely to gain privileges.
  21. An information disclosure vulnerability in Windows Graphics Component can be exploited remotely to obtain sensitive information.
  22. A remote code execution vulnerability in Windows GDI+ can be exploited remotely to execute arbitrary code.
  23. An elevation of privilege vulnerability in Windows Error Reporting can be exploited remotely to gain privileges.
  24. An information disclosure vulnerability in Windows NDIS can be exploited remotely to obtain sensitive information.
  25. An information disclosure vulnerability in Windows WalletService can be exploited remotely to obtain sensitive information.
  26. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  27. A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
  28. A security feature bypass vulnerability in Microsoft Defender for Endpoint can be exploited remotely to bypass security restrictions.
  29. An information disclosure vulnerability in Windows MSCTF Server can be exploited remotely to obtain sensitive information.
  30. A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
  31. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
  32. An information disclosure vulnerability in Windows Network File System can be exploited remotely to obtain sensitive information.
  33. An elevation of privilege vulnerability in Windows Update Medic Service can be exploited remotely to gain privileges.
  34. An elevation of privilege vulnerability in Windows Update Orchestrator Service can be exploited remotely to gain privileges.
  35. An information disclosure vulnerability in Win32k can be exploited remotely to obtain sensitive information.
  36. An elevation of privilege vulnerability in Windows Port Class Library can be exploited remotely to gain privileges.
  37. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  38. An elevation of privilege vulnerability in Windows WalletService can be exploited remotely to gain privileges.
  39. An information disclosure vulnerability in Windows Function Discovery SSDP Provider can be exploited remotely to obtain sensitive information.
  40. An elevation of privilege vulnerability in DirectX can be exploited remotely to gain privileges.
  41. An information disclosure vulnerability in Remote Desktop Protocol Server can be exploited remotely to obtain sensitive information.
  42. An information disclosure vulnerability in Windows Delivery Optimization can be exploited remotely to obtain sensitive information.
  43. An information disclosure vulnerability in Windows Camera Codec can be exploited remotely to obtain sensitive information.
  44. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges.
  45. A remote code execution vulnerability in AV1 Video Extension can be exploited remotely to execute arbitrary code.
  46. An elevation of privilege vulnerability in Windows Bind Filter Driver can be exploited remotely to gain privileges.

Original advisories

CVE-2020-17081

CVE-2020-17082

CVE-2020-17075

CVE-2020-17049

CVE-2020-17086

CVE-2020-17087

CVE-2020-17088

CVE-2020-17045

CVE-2020-17046

CVE-2020-17047

CVE-2020-17040

CVE-2020-17041

CVE-2020-17042

CVE-2020-17043

CVE-2020-17101

CVE-2020-17026

CVE-2020-17102

CVE-2020-17106

CVE-2020-17028

CVE-2020-17029

CVE-2020-17000

CVE-2020-17001

CVE-2020-17024

CVE-2020-17025

CVE-2020-17004

CVE-2020-17068

CVE-2020-17007

CVE-2020-17069

CVE-2020-16999

CVE-2020-17038

CVE-2020-17034

CVE-2020-1599

CVE-2020-17044

CVE-2020-17109

CVE-2020-17033

CVE-2020-17090

CVE-2020-17027

CVE-2020-17030

CVE-2020-17051

CVE-2020-17057

CVE-2020-17056

CVE-2020-17055

CVE-2020-17108

CVE-2020-17070

CVE-2020-17073

CVE-2020-17014

CVE-2020-17013

CVE-2020-17074

CVE-2020-17011

CVE-2020-17010

CVE-2020-17035

CVE-2020-17078

CVE-2020-17037

CVE-2020-17036

CVE-2020-17031

CVE-2020-16998

CVE-2020-17076

CVE-2020-17032

CVE-2020-16997

CVE-2020-17071

CVE-2020-17113

CVE-2020-17077

CVE-2020-17110

CVE-2020-17107

CVE-2020-17105

CVE-2020-17079

CVE-2020-17012

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Windows-RT

Microsoft-Windows-10

CVE list

CVE-2020-17043 high

CVE-2020-17069 high

CVE-2020-17087 high

CVE-2020-17088 high

CVE-2020-17045 high

CVE-2020-17051 critical

CVE-2020-17047 high

CVE-2020-17042 high

CVE-2020-1599 high

CVE-2020-17044 high

CVE-2020-16997 high

CVE-2020-17014 high

CVE-2020-17038 high

CVE-2020-17011 high

CVE-2020-17029 high

CVE-2020-17000 high

CVE-2020-17001 high

CVE-2020-17068 high

CVE-2020-17036 high

CVE-2020-17004 high

CVE-2020-17081 high

CVE-2020-17082 critical

CVE-2020-17075 critical

CVE-2020-17049 high

CVE-2020-17086 critical

CVE-2020-17046 high

CVE-2020-17040 high

CVE-2020-17041 high

CVE-2020-17101 critical

CVE-2020-17026 high

CVE-2020-17102 high

CVE-2020-17106 critical

CVE-2020-17028 high

CVE-2020-17024 high

CVE-2020-17025 high

CVE-2020-17007 high

CVE-2020-16999 high

CVE-2020-17034 high

CVE-2020-17109 critical

CVE-2020-17033 high

CVE-2020-17090 high

CVE-2020-17027 high

CVE-2020-17030 high

CVE-2020-17057 high

CVE-2020-17056 high

CVE-2020-17055 high

CVE-2020-17108 critical

CVE-2020-17070 critical

CVE-2020-17073 critical

CVE-2020-17013 high

CVE-2020-17074 critical

CVE-2020-17010 critical

CVE-2020-17035 critical

CVE-2020-17078 critical

CVE-2020-17037 critical

CVE-2020-17031 high

CVE-2020-16998 high

CVE-2020-17076 critical

CVE-2020-17032 high

CVE-2020-17071 high

CVE-2020-17113 high

CVE-2020-17077 critical

CVE-2020-17110 critical

CVE-2020-17107 critical

CVE-2020-17105 critical

CVE-2020-17079 critical

CVE-2020-17012 critical

KB list

4586785

4586793

4586787

4586786

4586781

4586830

4586845

4586823

4592449

5001337

5004238

5004237

5004244

5042880

5042881

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

  • Windows 10 Version 1909 for ARM64-based SystemsWindows Server 2019Windows 10 Version 1903 for ARM64-based SystemsWindows 8.1 for x64-based systemsWindows Server, version 1903 (Server Core installation)Raw Image ExtensionWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows Server 2012 R2 (Server Core installation)Windows 10 Version 1607 for x64-based SystemsWindows Server 2019 (Server Core installation)Windows 10 Version 1809 for 32-bit SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 20H2 for x64-based SystemsWindows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2Windows 10 for 32-bit SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1Windows 10 Version 2004 for ARM64-based SystemsAV1 Video ExtensionWindows 10 Version 20H2 for 32-bit SystemsWindows 10 Version 1909 for x64-based SystemsWindows RT 8.1WebP Image ExtensionWindows 10 Version 1803 for ARM64-based SystemsWindows Server, version 20H2 (Server Core Installation)Windows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2012 (Server Core installation)Windows 10 Version 2004 for x64-based SystemsWindows 10 Version 2004 for 32-bit SystemsWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1803 for x64-based SystemsHEVC Video ExtensionsWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows 10 for x64-based SystemsWindows Server 2012HEIF Image ExtensionWindows Server 2016 (Server Core installation)Windows 7 for x64-based Systems Service Pack 1Windows 8.1 for 32-bit systemsWindows Server 2012 R2Windows 10 Version 1903 for 32-bit SystemsWindows Server 2016Windows 10 Version 20H2 for ARM64-based SystemsWindows 10 Version 1909 for 32-bit SystemsWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server, version 2004 (Server Core installation)Windows 7 for 32-bit Systems Service Pack 1

References

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.365

Percentile

97.3%