November 10, 2020—KB4586805 (Security-only update)

2020-11-10T08:00:00

Description

None **IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. **NEW 11/10/20** For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 SP1 and Windows Server 2008 R2 SP1 update history [home page](<https://support.microsoft.com/help/4009469>). ## Improvements and fixes This security update includes quality improvements. Key changes include: * Corrects the DST start date for the Fiji Islands to December 20, 2020. * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, “The request is not supported.” in event ID 372 in the PrintService\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account. * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, and Windows Remote Desktop. For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website. ## Known issues in this update **Symptom**| **Workaround** ---|--- After installing this update and restarting your device, you might receive the error, “Failure to configure Windows updates. Reverting Changes. Do not turn off your computer,” and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances: * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>). * If you do not have an ESU MAK add-on key installed and activated. If you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the "How to get this update" section of this article. Certain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, “STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)”. This occurs when you perform the operation on a CSV owner node from a process that doesn’t have administrator privilege.| Do one of the following: * Perform the operation from a process that has administrator privilege. * Perform the operation from a node that doesn’t have CSV ownership. Microsoft is working on a resolution and will provide an update in an upcoming release. ## How to get this update **Before installing this update** **IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>). * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020. * For Windows Embedded Standard 7, extended support ends on October 13, 2020. **Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes. 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed. 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>). 3. The August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU. To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Important** For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates. 4. To get this security update, you must reinstall the "Extended Security Updates (ESU) Licensing Preparation Package" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the "Update for the Extended Security Updates (ESU) Licensing Preparation Package" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). After installing the items above, Microsoft strongly recommends that you install the _latest_ SSU ([KB4580970](<https://support.microsoft.com/help/4580970>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>). **REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)). **Install this update****Release Channel**| **Available**| **Next Step** ---|---|--- Windows Update and Microsoft Update| No| See the other options below. Microsoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586805>) website. Windows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates **File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586805](<https://download.microsoft.com/download/3/9/e/39e80bdf-ce89-4ee2-b663-0b6fc620975c/4586805.csv>).

{"id": "KB4586805", "vendorId": null, "type": "mskb", "bulletinFamily": "microsoft", "title": "November 10, 2020\u2014KB4586805 (Security-only update)", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 SP1 and Windows Server 2008 R2 SP1 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, and Windows Remote Desktop.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**\n\n**IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\n\n**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU. To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n \n**Important** For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates. \n\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the _latest_ SSU ([KB4580970](<https://support.microsoft.com/help/4580970>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).\n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586805>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586805](<https://download.microsoft.com/download/3/9/e/39e80bdf-ce89-4ee2-b663-0b6fc620975c/4586805.csv>).\n", "published": "2020-11-10T08:00:00", "modified": "2020-11-10T08:00:00", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "LOCAL", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 4.6}, "severity": "MEDIUM", "exploitabilityScore": 3.9, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}, "href": "https://support.microsoft.com/en-us/help/4586805", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2020-17088"], "immutableFields": [], "lastseen": "2022-08-24T11:30:45", "viewCount": 50, "enchantments": {"dependencies": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2020-1176"]}, {"type": "cve", "idList": ["CVE-2020-17088"]}, {"type": "kaspersky", "idList": ["KLA12003", "KLA12004"]}, {"type": "mscve", "idList": ["MS:CVE-2020-17088"]}, {"type": "mskb", "idList": ["KB4586807", "KB4586808", "KB4586817", "KB4586823"]}, {"type": "nessus", "idList": ["SMB_NT_MS20_NOV_4586781.NASL", "SMB_NT_MS20_NOV_4586785.NASL", "SMB_NT_MS20_NOV_4586786.NASL", "SMB_NT_MS20_NOV_4586787.NASL", "SMB_NT_MS20_NOV_4586793.NASL", "SMB_NT_MS20_NOV_4586817.NASL", "SMB_NT_MS20_NOV_4586827.NASL", "SMB_NT_MS20_NOV_4586830.NASL", "SMB_NT_MS20_NOV_4586834.NASL", "SMB_NT_MS20_NOV_4586845.NASL"]}]}, "score": {"value": -0.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "checkpoint_advisories", "idList": ["CPAI-2020-1176"]}, {"type": "cve", "idList": ["CVE-2020-17088"]}, {"type": "kaspersky", "idList": ["KLA12004"]}, {"type": "mscve", "idList": ["MS:CVE-2020-17088"]}, {"type": "mskb", "idList": ["KB4570673", "KB4575903"]}, {"type": "nessus", "idList": ["MICROSOFT_OFFICE_UNSUPPORTED.NASL"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2020-17088", "epss": "0.000430000", "percentile": "0.073850000", "modified": "2023-03-16"}], "vulnersScore": -0.1}, "_state": {"dependencies": 1661340660, "score": 1661340841, "epss": 1679062491}, "_internal": {"score_hash": "b5d917aac939a93cbd6cebe5fb208813"}, "kb": "KB4586805", "msrc": "", "mscve": "CVE-2020-17088", "msplatform": "", "msfamily": "ESU", "msimpact": "Elevation of Privilege", "msseverity": "Important", "superseeds": ["KB2296199", "KB3192321", "KB3023562", "KB981852", "KB2207566", "KB925486", "KB2658846", "KB979559", "KB2893984", "KB2536275", "KB2570791", "KB2709162", "KB968537", "KB2724197", "KB2556532", "KB3069762", "KB2659262", "KB2847311", "KB958869", "KB957097", "KB2835361", "KB969947", "KB955839", "KB3153171", "KB3130896", "KB3177725", "KB3177723", "KB3061518", "KB2555917", "KB917159", "KB3175024", "KB3057839", "KB2436673", "KB2850851", "KB2633171", "KB2585542", "KB3153731", "KB979683", "KB951072", "KB3167679", "KB2876315", "KB981957", "KB3050514", "KB3002885", "KB3045999", "KB3153199", "KB2536276", "KB3000061", "KB3203884", "KB4020322", "KB3145739", "KB3177186", "KB2676562", "KB4049068", "KB3088195", "KB3162835", "KB931784", "KB2731847", "KB957095", "KB980232", "KB2761226", "KB3161561", "KB2660465", "KB3032323", "KB2779030", "KB3070102", "KB2829361", "KB2507618", "KB2778930", "KB2412687", "KB2641653", "KB933729", "KB3033395", "KB3124000", "KB2855844", "KB2992611", "KB2904266", "KB4012864", "KB2633952", "KB2778344", "KB3126446", "KB3077657", "KB3182203", "KB4339284", "KB976098", "KB958687", "KB971486", "KB2849470", "KB2443685", "KB956841", "KB2799494", "KB2707511", "KB982802", "KB979306", "KB2868626", "KB3045171", "KB2506223", "KB920958", "KB4130978", "KB3170377", "KB2718523", "KB3121212", "KB2158563", "KB981793", "KB942763", "KB3046049", "KB2808735", "KB2360937", "KB954211", "KB3081320", "KB3140735", "KB3156017", "KB960225", "KB3101746", "KB2813170", "KB2160329", "KB3126041", "KB978251", "KB914389", "KB2883150", "KB2753842", "KB3087135", "KB2639417", "KB2834886", "KB3034344", "KB938127", "KB3109094", "KB2957503", "KB2859537", "KB2813345", "KB970238", "KB3148851", "KB971468", "KB2976897", "KB3073921", "KB2655992", "KB2485376", "KB2508429", "KB933360", "KB929969", "KB3121918", "KB3079904", "KB980436", "KB2930275", "KB938464", "KB3035131", "KB970653", "KB3139852", "KB4074837", "KB3161664", "KB2479628", "KB3013455", "KB2511455", "KB2981580", "KB3101246", "KB4015193", "KB2279986", "KB2525694", "KB3075220", "KB2839229", "KB4093753", "KB3097877", "KB2567053", "KB3067904", "KB977165", "KB958690", "KB4051956", "KB2393802", "KB3168965", "KB982214", "KB2779562", "KB2756822", "KB2863058", "KB923414", "KB3140410", "KB2876284", "KB3134214"], "parentseeds": [], "msproducts": ["10049", "10051", "10048", "10047"], "affectedProducts": ["Windows Server 2008 R2 for x64-based Systems Service Pack 1", "Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)", "Windows 7 for 32-bit Systems Service Pack 1", "Windows 7 for x64-based Systems Service Pack 1"], "supportAreaPaths": [], "supportAreaPathNodes": [], "primarySupportAreaPath": []}

{"checkpoint_advisories": [{"lastseen": "2022-02-16T19:37:05", "description": "An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2020-17088)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17088"], "modified": "2020-11-10T00:00:00", "id": "CPAI-2020-1176", "href": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "mskb": [{"lastseen": "2023-03-15T10:40:29", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2008 Service Pack 2 update history [home page](<https://support.microsoft.com/help/4343218>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4580378](<https://support.microsoft.com/help/4580378>) (released October 13, 2020) and addresses the following issues:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, and Windows Hybrid Storage Services.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The August 11, 2020 SSU ([KB4572374](<https://support.microsoft.com/help/4572374>)) or later. To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 4. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) released February 11, 2020. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the _latest _SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586807>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586807](<https://download.microsoft.com/download/8/8/2/882a5b05-00ee-4d46-ad36-5db4a9b321dd/4586807.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586807 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17088"], "modified": "2020-11-10T08:00:00", "id": "KB4586807", "href": "https://support.microsoft.com/en-us/help/4586807", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-24T11:30:46", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2008 Service Pack 2 update history [home page](<https://support.microsoft.com/help/4343218>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, and Windows Hybrid Storage Services.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The August 11, 2020 SSU ([KB4572374](<https://support.microsoft.com/help/4572374>)) or later. To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\n 4. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) released February 11, 2020. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, we strongly recommend that you install the _latest_ SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).\n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586817>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586817](<https://download.microsoft.com/download/9/1/4/9143faf7-d55c-40e0-9dfd-f0cd6e37f7d8/4586817.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586817 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17088"], "modified": "2020-11-10T08:00:00", "id": "KB4586817", "href": "https://support.microsoft.com/en-us/help/4586817", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-24T11:30:47", "description": "None\n**IMPORTANT** Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, and Windows Remote Desktop.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the [Windows release health](<https://docs.microsoft.com/windows/release-information/status-windows-8.1-and-windows-server-2012-r2#1522msgdesc>) page. **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594439. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566425](<https://support.microsoft.com/help/4566425>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586823>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4586823](<https://download.microsoft.com/download/f/a/9/fa9ab938-dc38-44c6-84de-f5a964c3d8b2/4586823.csv>). \n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586823 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17088"], "modified": "2020-11-10T08:00:00", "id": "KB4586823", "href": "https://support.microsoft.com/en-us/help/4586823", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2022-08-24T11:30:46", "description": "None\n**IMPORTANT** Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\n**NEW 11/10/20** \nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Corrects the DST start date for the Fiji Islands to December 20, 2020.\n * Addresses a security vulnerability by preventing applications that run as a SYSTEM account from printing to local ports that point to a file. Failing print jobs log error 50, \u201cThe request is not supported.\u201d in event ID 372 in the PrintService\\Admin event log. To address this issue going forward, make sure your applications or services run as a specific user or service account.\n * Security updates to Windows Graphics, Windows Silicon Platform, Windows Authentication, Windows Core Networking, Windows Peripherals, Windows Network Security and Containers, Windows Hybrid Storage Services, and Windows Remote Desktop.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \nAfter installing this update on domain controllers (DCs) and read-only domain controllers (RODCs) in your environment, you might encounter Kerberos authentication and ticket renewal issues. This is caused by an issue in how [CVE-2020-17049](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17049>) was addressed in these updates.For specific symptoms and behaviors related to this issue, please see the [Windows release health](<https://docs.microsoft.com/windows/release-information/status-windows-server-2012#1522msgdesc>) page. **Note **This issue only affects Windows Servers, Windows 10 devices and applications in enterprise environments.| This issue is resolved in KB4594438. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566426](<https://support.microsoft.com/help/4566426>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4586808>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Update \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4586808](<https://download.microsoft.com/download/7/6/6/766e60b6-effb-432b-93ef-d280852cafe1/4586808.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mskb", "title": "November 10, 2020\u2014KB4586808 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17049", "CVE-2020-17088"], "modified": "2020-11-10T08:00:00", "id": "KB4586808", "href": "https://support.microsoft.com/en-us/help/4586808", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2023-03-17T02:35:14", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T08:00:00", "type": "mscve", "title": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17088"], "modified": "2020-11-10T08:00:00", "id": "MS:CVE-2020-17088", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17088", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "cve": [{"lastseen": "2023-02-09T15:09:02", "description": "Windows Common Log File System Driver Elevation of Privilege Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-11T07:15:00", "type": "cve", "title": "CVE-2020-17088", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17088"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:r2"], "id": "CVE-2020-17088", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17088", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*"]}], "cnvd": [{"lastseen": "2022-11-05T08:30:10", "description": "Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server, a server operating system. An elevation of privilege vulnerability exists in the Common Log File System driver in Microsoft Windows/Windows Server, which could be exploited by an attacker to compromise confidentiality, integrity, and availability.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-12T00:00:00", "type": "cnvd", "title": "Microsoft Windows/Windows Server Elevation of Privilege Vulnerability (CNVD-2021-90796)", "bulletinFamily": "cnvd", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17088"], "modified": "2021-11-25T00:00:00", "id": "CNVD-2021-90796", "href": "https://www.cnvd.org.cn/flaw/show/CNVD-2021-90796", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-02-10T14:53:13", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586817: Windows Server 2008 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17036", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17045", "CVE-2020-17051", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17087", "CVE-2020-17088"], "modified": "2021-11-30T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586817.NASL", "href": "https://www.tenable.com/plugins/nessus/142679", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142679);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17036\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17045\",\n \"CVE-2020-17051\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\"\n );\n script_xref(name:\"MSKB\", value:\"4586817\");\n script_xref(name:\"MSKB\", value:\"4586807\");\n script_xref(name:\"MSFT\", value:\"MS20-4586817\");\n script_xref(name:\"MSFT\", value:\"MS20-4586807\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586817: Windows Server 2008 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n # https://support.microsoft.com/en-us/help/4586817/windows-server-2008-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?49b35330\");\n # https://support.microsoft.com/en-us/help/4586807/windows-server-2008-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a85048a0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4586817 or Cumulative Update KB4586807.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586817', '4586807');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.0\",\n sp:2,\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586817, 4586807])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:51:51", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586805: Windows 7 and Windows Server 2008 R2 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17029", "CVE-2020-17036", "CVE-2020-17038", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17047", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17087", "CVE-2020-17088"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586827.NASL", "href": "https://www.tenable.com/plugins/nessus/142683", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142683);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17029\",\n \"CVE-2020-17036\",\n \"CVE-2020-17038\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17047\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\"\n );\n script_xref(name:\"MSKB\", value:\"4586827\");\n script_xref(name:\"MSKB\", value:\"4586805\");\n script_xref(name:\"MSFT\", value:\"MS20-4586827\");\n script_xref(name:\"MSFT\", value:\"MS20-4586805\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586805: Windows 7 and Windows Server 2008 R2 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4586827/windows-7-update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4586805/windows-7-update\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4586805 or Cumulative Update KB4586827.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586827', '4586805');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.1\",\n sp:1,\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586827, 4586805])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:53:47", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586808: Windows Server 2012 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17029", "CVE-2020-17036", "CVE-2020-17038", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17047", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17056", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17088"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586834.NASL", "href": "https://www.tenable.com/plugins/nessus/142687", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142687);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17029\",\n \"CVE-2020-17036\",\n \"CVE-2020-17038\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17047\",\n \"CVE-2020-17049\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17056\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17088\"\n );\n script_xref(name:\"MSKB\", value:\"4586808\");\n script_xref(name:\"MSKB\", value:\"4586834\");\n script_xref(name:\"MSFT\", value:\"MS20-4586808\");\n script_xref(name:\"MSFT\", value:\"MS20-4586834\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n\n script_name(english:\"KB4586808: Windows Server 2012 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n # https://support.microsoft.com/en-us/help/4586808/windows-server-2012-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d0d6d9b2\");\n # https://support.microsoft.com/en-us/help/4586834/windows-server-2012-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?82b0555c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4586808 or Cumulative Update KB4586834.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586808', '4586834');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.2\",\n sp:0,\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586808, 4586834])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:52:43", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586823: Windows 8.1 and Windows Server 2012 R2 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17036", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17047", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17087", "CVE-2020-17088"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586845.NASL", "href": "https://www.tenable.com/plugins/nessus/142686", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142686);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17036\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17047\",\n \"CVE-2020-17049\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\"\n );\n script_xref(name:\"MSKB\", value:\"4586823\");\n script_xref(name:\"MSKB\", value:\"4586845\");\n script_xref(name:\"MSFT\", value:\"MS20-4586823\");\n script_xref(name:\"MSFT\", value:\"MS20-4586845\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586823: Windows 8.1 and Windows Server 2012 R2 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4586823/windows-8-1-update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4586845/windows-8-1-update\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4586823 or Cumulative Update KB4586845.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586823', '4586845');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit(\"SMB/ProductName\", exit_code:1);\nif (\"Windows 8\" >< productname && \"8.1\" >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"6.3\",\n sp:0,\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586823, 4586845])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:53:09", "description": "The Microsoft 4586787 Product is missing security updates.\n\n - Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)\n\n - DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)\n\n - Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)\n\n - Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.\n (CVE-2020-17001)\n\n - Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)\n\n - Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)\n\n - Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)\n\n - Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)\n\n - Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)\n\n - Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)\n\n - Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)\n\n - Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)\n\n - Windows Spoofing Vulnerability (CVE-2020-1599)\n\n - Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)\n\n - Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.\n (CVE-2020-17014)\n\n - Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)\n\n - Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)\n\n - Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)\n\n - Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)\n\n - Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)\n\n - Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)\n\n - Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)\n\n - Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)\n\n - Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)\n\n - Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)\n\n - Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.\n (CVE-2020-17054)\n\n - Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586787: Windows 10 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-16999", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17010", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17036", "CVE-2020-17037", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17048", "CVE-2020-17052", "CVE-2020-17054", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17058", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17071", "CVE-2020-17075", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17113"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586787.NASL", "href": "https://www.tenable.com/plugins/nessus/142681", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142681);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-16998\",\n \"CVE-2020-16999\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17007\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17036\",\n \"CVE-2020-17037\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17046\",\n \"CVE-2020-17047\",\n \"CVE-2020-17052\",\n \"CVE-2020-17054\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17058\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17071\",\n \"CVE-2020-17075\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\",\n \"CVE-2020-17113\"\n );\n script_xref(name:\"MSKB\", value:\"4586787\");\n script_xref(name:\"MSFT\", value:\"MS20-4586787\");\n script_xref(name:\"IAVA\", value:\"2020-A-0512-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586787: Windows 10 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft 4586787 Product is missing security updates.\n\n - Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)\n\n - DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)\n\n - Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)\n\n - Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.\n (CVE-2020-17001)\n\n - Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)\n\n - Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)\n\n - Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)\n\n - Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)\n\n - Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)\n\n - Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)\n\n - Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)\n\n - Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)\n\n - Windows Spoofing Vulnerability (CVE-2020-1599)\n\n - Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)\n\n - Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.\n (CVE-2020-17014)\n\n - Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026,\n CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)\n\n - Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)\n\n - Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)\n\n - Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)\n\n - Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)\n\n - Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)\n\n - Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)\n\n - Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)\n\n - Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)\n\n - Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)\n\n - Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.\n (CVE-2020-17054)\n\n - Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://support.microsoft.com/en-us/help/4586787/windows-10-update-kb4586787\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?05343312\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586787.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17042\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-17040\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586787');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"10240\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586787])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:53:10", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586793: Windows 10 Version 1809 and Windows Server 2019 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17011", "CVE-2020-17013", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17030", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17035", "CVE-2020-17036", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17053", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17057", "CVE-2020-17058", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17070", "CVE-2020-17071", "CVE-2020-17075", "CVE-2020-17077", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17090"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586793.NASL", "href": "https://www.tenable.com/plugins/nessus/142693", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142693);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-16998\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17007\",\n \"CVE-2020-17011\",\n \"CVE-2020-17013\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17030\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17035\",\n \"CVE-2020-17036\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17046\",\n \"CVE-2020-17047\",\n \"CVE-2020-17049\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17053\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17057\",\n \"CVE-2020-17058\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17070\",\n \"CVE-2020-17071\",\n \"CVE-2020-17075\",\n \"CVE-2020-17077\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\",\n \"CVE-2020-17090\"\n );\n script_xref(name:\"MSKB\", value:\"4586793\");\n script_xref(name:\"MSFT\", value:\"MS20-4586793\");\n script_xref(name:\"IAVA\", value:\"2020-A-0512-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586793: Windows 10 Version 1809 and Windows Server 2019 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n # https://support.microsoft.com/en-us/help/4586793/windows-10-update-kb4586793\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?92d059c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586793.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586793');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17763\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586793])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:53:07", "description": "The Microsoft 4586830 Product is missing security updates.\n\n - Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)\n\n - DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)\n\n - Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)\n\n - Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.\n (CVE-2020-17001)\n\n - Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)\n\n - Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)\n\n - Windows Win32k Elevation of Privilege Vulnerability (CVE-2020-17057)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)\n\n - Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)\n\n - Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)\n\n - Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)\n\n - Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)\n\n - Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)\n\n - Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)\n\n - Windows Spoofing Vulnerability (CVE-2020-1599)\n\n - Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)\n\n - Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.\n (CVE-2020-17014)\n\n - Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)\n\n - Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)\n\n - Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-17035)\n\n - Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)\n\n - Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)\n\n - Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)\n\n - Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)\n\n - Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)\n\n - Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)\n\n - Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)\n\n - Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17054.\n (CVE-2020-17048)\n\n - Kerberos Security Feature Bypass Vulnerability (CVE-2020-17049)\n\n - Windows Network File System Remote Code Execution Vulnerability (CVE-2020-17051)\n\n - Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.\n (CVE-2020-17054)\n\n - Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586830: Windows 10 Version 1607 and Windows Server 2016 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-16999", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17010", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17035", "CVE-2020-17036", "CVE-2020-17037", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17048", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17054", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17057", "CVE-2020-17058", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17071", "CVE-2020-17075", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17113"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586830.NASL", "href": "https://www.tenable.com/plugins/nessus/142690", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142690);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-16998\",\n \"CVE-2020-16999\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17007\",\n \"CVE-2020-17011\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17035\",\n \"CVE-2020-17036\",\n \"CVE-2020-17037\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17046\",\n \"CVE-2020-17047\",\n \"CVE-2020-17048\",\n \"CVE-2020-17049\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17054\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17057\",\n \"CVE-2020-17058\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17071\",\n \"CVE-2020-17075\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\",\n \"CVE-2020-17113\"\n );\n script_xref(name:\"MSKB\", value:\"4586830\");\n script_xref(name:\"MSFT\", value:\"MS20-4586830\");\n script_xref(name:\"IAVA\", value:\"2020-A-0512-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0513-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586830: Windows 10 Version 1607 and Windows Server 2016 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft 4586830 Product is missing security updates.\n\n - Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)\n\n - DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)\n\n - Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)\n\n - Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.\n (CVE-2020-17001)\n\n - Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)\n\n - Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)\n\n - Windows Win32k Elevation of Privilege Vulnerability (CVE-2020-17057)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)\n\n - Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)\n\n - Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)\n\n - Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)\n\n - Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)\n\n - Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)\n\n - Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)\n\n - Windows Spoofing Vulnerability (CVE-2020-1599)\n\n - Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)\n\n - Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.\n (CVE-2020-17014)\n\n - Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026,\n CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)\n\n - Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)\n\n - Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-17035)\n\n - Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)\n\n - Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)\n\n - Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)\n\n - Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)\n\n - Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)\n\n - Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)\n\n - Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)\n\n - Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17054.\n (CVE-2020-17048)\n\n - Kerberos Security Feature Bypass Vulnerability (CVE-2020-17049)\n\n - Windows Network File System Remote Code Execution Vulnerability (CVE-2020-17051)\n\n - Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.\n (CVE-2020-17054)\n\n - Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://support.microsoft.com/en-us/help/4586830/windows-10-update-kb4586830\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f8c32243\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586830.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586830');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"14393\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586830])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:53:46", "description": "The Microsoft 4586785 Product is missing security updates.\n\n - Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)\n\n - DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)\n\n - Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)\n\n - Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.\n (CVE-2020-17001)\n\n - Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)\n\n - Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)\n\n - Windows Win32k Elevation of Privilege Vulnerability (CVE-2020-17057)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)\n\n - Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)\n\n - Windows Update Medic Service Elevation of Privilege Vulnerability (CVE-2020-17070)\n\n - Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)\n\n - Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)\n\n - Windows Update Stack Elevation of Privilege Vulnerability (CVE-2020-17077)\n\n - Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)\n\n - Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)\n\n - Microsoft Defender for Endpoint Security Feature Bypass Vulnerability (CVE-2020-17090)\n\n - Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)\n\n - Windows Spoofing Vulnerability (CVE-2020-1599)\n\n - Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)\n\n - Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)\n\n - Windows Bind Filter Driver Elevation of Privilege Vulnerability (CVE-2020-17012)\n\n - Win32k Information Disclosure Vulnerability (CVE-2020-17013)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.\n (CVE-2020-17014)\n\n - Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)\n\n - Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)\n\n - Windows MSCTF Server Information Disclosure Vulnerability (CVE-2020-17030)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)\n\n - Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-17035)\n\n - Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)\n\n - Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)\n\n - Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)\n\n - Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)\n\n - Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)\n\n - Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)\n\n - Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)\n\n - Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17054.\n (CVE-2020-17048)\n\n - Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)\n\n - Internet Explorer Memory Corruption Vulnerability (CVE-2020-17053)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.\n (CVE-2020-17054)\n\n - Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586785: Windows 10 Version 1803 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-16999", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17010", "CVE-2020-17011", "CVE-2020-17012", "CVE-2020-17013", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17030", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17035", "CVE-2020-17036", "CVE-2020-17037", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17048", "CVE-2020-17052", "CVE-2020-17053", "CVE-2020-17054", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17057", "CVE-2020-17058", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17070", "CVE-2020-17071", "CVE-2020-17075", "CVE-2020-17077", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17090", "CVE-2020-17113"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586785.NASL", "href": "https://www.tenable.com/plugins/nessus/142682", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142682);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-16998\",\n \"CVE-2020-16999\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17007\",\n \"CVE-2020-17011\",\n \"CVE-2020-17012\",\n \"CVE-2020-17013\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17030\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17035\",\n \"CVE-2020-17036\",\n \"CVE-2020-17037\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17046\",\n \"CVE-2020-17047\",\n \"CVE-2020-17048\",\n \"CVE-2020-17052\",\n \"CVE-2020-17053\",\n \"CVE-2020-17054\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17057\",\n \"CVE-2020-17058\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17070\",\n \"CVE-2020-17071\",\n \"CVE-2020-17075\",\n \"CVE-2020-17077\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\",\n \"CVE-2020-17090\",\n \"CVE-2020-17113\"\n );\n script_xref(name:\"MSKB\", value:\"4586785\");\n script_xref(name:\"MSFT\", value:\"MS20-4586785\");\n script_xref(name:\"IAVA\", value:\"2020-A-0512-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586785: Windows 10 Version 1803 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Microsoft 4586785 Product is missing security updates.\n\n - Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)\n\n - DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)\n\n - Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)\n\n - Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.\n (CVE-2020-17001)\n\n - Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)\n\n - Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)\n\n - Windows Win32k Elevation of Privilege Vulnerability (CVE-2020-17057)\n\n - Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)\n\n - Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)\n\n - Windows Update Medic Service Elevation of Privilege Vulnerability (CVE-2020-17070)\n\n - Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)\n\n - Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)\n\n - Windows Update Stack Elevation of Privilege Vulnerability (CVE-2020-17077)\n\n - Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)\n\n - Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)\n\n - Microsoft Defender for Endpoint Security Feature Bypass Vulnerability (CVE-2020-17090)\n\n - Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)\n\n - Windows Spoofing Vulnerability (CVE-2020-1599)\n\n - Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)\n\n - Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)\n\n - Windows Bind Filter Driver Elevation of Privilege Vulnerability (CVE-2020-17012)\n\n - Win32k Information Disclosure Vulnerability (CVE-2020-17013)\n\n - Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.\n (CVE-2020-17014)\n\n - Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026,\n CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)\n\n - Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)\n\n - Windows MSCTF Server Information Disclosure Vulnerability (CVE-2020-17030)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)\n\n - Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-17035)\n\n - Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)\n\n - Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)\n\n - Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)\n\n - Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)\n\n - Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)\n\n - Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)\n\n - Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025,\n CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033,\n CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)\n\n - Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)\n\n - Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)\n\n - Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17054.\n (CVE-2020-17048)\n\n - Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)\n\n - Internet Explorer Memory Corruption Vulnerability (CVE-2020-17053)\n\n - Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.\n (CVE-2020-17054)\n\n - Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://support.microsoft.com/en-us/help/4586785/windows-10-update-kb4586785\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e7865164\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586785.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17042\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-17090\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586785');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"17134\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586785])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:52:43", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586781: Windows 10 Version 2004 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-16999", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17010", "CVE-2020-17011", "CVE-2020-17013", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17030", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17035", "CVE-2020-17036", "CVE-2020-17037", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17048", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17053", "CVE-2020-17054", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17057", "CVE-2020-17058", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17070", "CVE-2020-17071", "CVE-2020-17073", "CVE-2020-17074", "CVE-2020-17075", "CVE-2020-17076", "CVE-2020-17077", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17090", "CVE-2020-17113"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586781.NASL", "href": "https://www.tenable.com/plugins/nessus/142684", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142684);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-16998\",\n \"CVE-2020-16999\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17007\",\n \"CVE-2020-17010\",\n \"CVE-2020-17011\",\n \"CVE-2020-17013\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17030\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17035\",\n \"CVE-2020-17036\",\n \"CVE-2020-17037\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17046\",\n \"CVE-2020-17047\",\n \"CVE-2020-17048\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17053\",\n \"CVE-2020-17054\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17057\",\n \"CVE-2020-17058\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17070\",\n \"CVE-2020-17071\",\n \"CVE-2020-17073\",\n \"CVE-2020-17074\",\n \"CVE-2020-17075\",\n \"CVE-2020-17076\",\n \"CVE-2020-17077\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\",\n \"CVE-2020-17090\",\n \"CVE-2020-17113\"\n );\n script_xref(name:\"MSKB\", value:\"4586781\");\n script_xref(name:\"MSFT\", value:\"MS20-4586781\");\n script_xref(name:\"IAVA\", value:\"2020-A-0512-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586781: Windows 10 Version 2004 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n # https://support.microsoft.com/en-us/help/4586781/windows-10-update-kb4586781\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bdf4d2e0\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586781.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586781');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"19041\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586781])\n||\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"19042\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586781])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:52:42", "description": "The Windows installation on the remote host is missing security update 4586781. It is, therefore, affected by multiple vulnerabilities. Please review the vendor advisory for more details.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "nessus", "title": "KB4586786: Windows 10 Version 1903 and Windows 10 Version 1909 November 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-16999", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17010", "CVE-2020-17011", "CVE-2020-17012", "CVE-2020-17013", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17030", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17035", "CVE-2020-17036", "CVE-2020-17037", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17051", "CVE-2020-17052", "CVE-2020-17053", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17057", "CVE-2020-17058", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17070", "CVE-2020-17071", "CVE-2020-17073", "CVE-2020-17074", "CVE-2020-17075", "CVE-2020-17076", "CVE-2020-17077", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17090", "CVE-2020-17113"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_NOV_4586786.NASL", "href": "https://www.tenable.com/plugins/nessus/142680", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142680);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-1599\",\n \"CVE-2020-16997\",\n \"CVE-2020-16998\",\n \"CVE-2020-16999\",\n \"CVE-2020-17000\",\n \"CVE-2020-17001\",\n \"CVE-2020-17004\",\n \"CVE-2020-17007\",\n \"CVE-2020-17010\",\n \"CVE-2020-17011\",\n \"CVE-2020-17012\",\n \"CVE-2020-17013\",\n \"CVE-2020-17014\",\n \"CVE-2020-17024\",\n \"CVE-2020-17025\",\n \"CVE-2020-17026\",\n \"CVE-2020-17027\",\n \"CVE-2020-17028\",\n \"CVE-2020-17029\",\n \"CVE-2020-17030\",\n \"CVE-2020-17031\",\n \"CVE-2020-17032\",\n \"CVE-2020-17033\",\n \"CVE-2020-17034\",\n \"CVE-2020-17035\",\n \"CVE-2020-17036\",\n \"CVE-2020-17037\",\n \"CVE-2020-17038\",\n \"CVE-2020-17040\",\n \"CVE-2020-17041\",\n \"CVE-2020-17042\",\n \"CVE-2020-17043\",\n \"CVE-2020-17044\",\n \"CVE-2020-17045\",\n \"CVE-2020-17046\",\n \"CVE-2020-17047\",\n \"CVE-2020-17051\",\n \"CVE-2020-17052\",\n \"CVE-2020-17053\",\n \"CVE-2020-17055\",\n \"CVE-2020-17056\",\n \"CVE-2020-17057\",\n \"CVE-2020-17058\",\n \"CVE-2020-17068\",\n \"CVE-2020-17069\",\n \"CVE-2020-17070\",\n \"CVE-2020-17071\",\n \"CVE-2020-17073\",\n \"CVE-2020-17074\",\n \"CVE-2020-17075\",\n \"CVE-2020-17076\",\n \"CVE-2020-17077\",\n \"CVE-2020-17087\",\n \"CVE-2020-17088\",\n \"CVE-2020-17090\",\n \"CVE-2020-17113\"\n );\n script_xref(name:\"MSKB\", value:\"4586786\");\n script_xref(name:\"MSFT\", value:\"MS20-4586786\");\n script_xref(name:\"IAVA\", value:\"2020-A-0512-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0518-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0521-S\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/05/03\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0135\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0124\");\n\n script_name(english:\"KB4586786: Windows 10 Version 1903 and Windows 10 Version 1909 November 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The Windows installation on the remote host is missing security update 4586781. It is, therefore,\n affected by multiple vulnerabilities. Please review the vendor advisory for more details.\");\n # https://support.microsoft.com/en-us/help/4586786/windows-10-update-kb4586786\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e7e34577\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586786.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17051\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = \"MS20-11\";\nkbs = make_list('4586786');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"18362\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586786])\n || \n smb_check_rollup(os:\"10\",\n sp:0,\n os_build:\"18363\",\n rollup_date:\"11_2020\",\n bulletin:bulletin,\n rollup_kb_list:[4586786])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "kaspersky": [{"lastseen": "2023-02-08T15:49:32", "description": "### *Detect date*:\n11/10/2020\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service, spoof user interface, bypass security restrictions.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2019 \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 8.1 for x64-based systems \nWindows Server, version 1903 (Server Core installation) \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1803 for 32-bit Systems \nWindows Server 2012 R2 (Server Core installation) \nWindows 10 Version 1607 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1809 for 32-bit Systems \nWindows Server, version 1909 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows 10 Version 2004 for ARM64-based Systems \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows RT 8.1 \nWindows 10 Version 1803 for ARM64-based Systems \nWindows Server, version 20H2 (Server Core Installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 2004 for 32-bit Systems \nWindows 10 Version 1903 for x64-based Systems \nWindows 10 Version 1803 for x64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 for x64-based Systems \nWindows Server 2012 \nWindows Server 2016 (Server Core installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 8.1 for 32-bit systems \nWindows Server 2012 R2 \nWindows 10 Version 1903 for 32-bit Systems \nWindows Server 2016 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows Server, version 2004 (Server Core installation) \nWindows 7 for 32-bit Systems Service Pack 1\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2020-17043](<https://nvd.nist.gov/vuln/detail/CVE-2020-17043>) \n[CVE-2020-17069](<https://nvd.nist.gov/vuln/detail/CVE-2020-17069>) \n[CVE-2020-17087](<https://nvd.nist.gov/vuln/detail/CVE-2020-17087>) \n[CVE-2020-17088](<https://nvd.nist.gov/vuln/detail/CVE-2020-17088>) \n[CVE-2020-17045](<https://nvd.nist.gov/vuln/detail/CVE-2020-17045>) \n[CVE-2020-17051](<https://nvd.nist.gov/vuln/detail/CVE-2020-17051>) \n[CVE-2020-17047](<https://nvd.nist.gov/vuln/detail/CVE-2020-17047>) \n[CVE-2020-17042](<https://nvd.nist.gov/vuln/detail/CVE-2020-17042>) \n[CVE-2020-1599](<https://nvd.nist.gov/vuln/detail/CVE-2020-1599>) \n[CVE-2020-17044](<https://nvd.nist.gov/vuln/detail/CVE-2020-17044>) \n[CVE-2020-16997](<https://nvd.nist.gov/vuln/detail/CVE-2020-16997>) \n[CVE-2020-17014](<https://nvd.nist.gov/vuln/detail/CVE-2020-17014>) \n[CVE-2020-17038](<https://nvd.nist.gov/vuln/detail/CVE-2020-17038>) \n[CVE-2020-17011](<https://nvd.nist.gov/vuln/detail/CVE-2020-17011>) \n[CVE-2020-17029](<https://nvd.nist.gov/vuln/detail/CVE-2020-17029>) \n[CVE-2020-17000](<https://nvd.nist.gov/vuln/detail/CVE-2020-17000>) \n[CVE-2020-17001](<https://nvd.nist.gov/vuln/detail/CVE-2020-17001>) \n[CVE-2020-17068](<https://nvd.nist.gov/vuln/detail/CVE-2020-17068>) \n[CVE-2020-17036](<https://nvd.nist.gov/vuln/detail/CVE-2020-17036>) \n[CVE-2020-17004](<https://nvd.nist.gov/vuln/detail/CVE-2020-17004>) \n[CVE-2020-17049](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-17049>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2020-17043](<https://vulners.com/cve/CVE-2020-17043>)6.8High \n[CVE-2020-17069](<https://vulners.com/cve/CVE-2020-17069>)2.1Warning \n[CVE-2020-17087](<https://vulners.com/cve/CVE-2020-17087>)7.2High \n[CVE-2020-17088](<https://vulners.com/cve/CVE-2020-17088>)4.6Warning \n[CVE-2020-17045](<https://vulners.com/cve/CVE-2020-17045>)4.9Warning \n[CVE-2020-17047](<https://vulners.com/cve/CVE-2020-17047>)7.8Critical \n[CVE-2020-17042](<https://vulners.com/cve/CVE-2020-17042>)9.3Critical \n[CVE-2020-1599](<https://vulners.com/cve/CVE-2020-1599>)2.1Warning \n[CVE-2020-17044](<https://vulners.com/cve/CVE-2020-17044>)6.8High \n[CVE-2020-16997](<https://vulners.com/cve/CVE-2020-16997>)4.0Warning \n[CVE-2020-17014](<https://vulners.com/cve/CVE-2020-17014>)6.6High \n[CVE-2020-17038](<https://vulners.com/cve/CVE-2020-17038>)7.2High \n[CVE-2020-17011](<https://vulners.com/cve/CVE-2020-17011>)7.2High \n[CVE-2020-17029](<https://vulners.com/cve/CVE-2020-17029>)4.9Warning \n[CVE-2020-17000](<https://vulners.com/cve/CVE-2020-17000>)2.1Warning \n[CVE-2020-17001](<https://vulners.com/cve/CVE-2020-17001>)4.6Warning \n[CVE-2020-17068](<https://vulners.com/cve/CVE-2020-17068>)7.2High \n[CVE-2020-17036](<https://vulners.com/cve/CVE-2020-17036>)4.9Warning \n[CVE-2020-17004](<https://vulners.com/cve/CVE-2020-17004>)2.1Warning \n[CVE-2020-17049](<https://vulners.com/cve/CVE-2020-17049>)9.0Critical\n\n### *KB list*:\n[4586827](<http://support.microsoft.com/kb/4586827>) \n[4586817](<http://support.microsoft.com/kb/4586817>) \n[4586805](<http://support.microsoft.com/kb/4586805>) \n[4586807](<http://support.microsoft.com/kb/4586807>) \n[5004289](<http://support.microsoft.com/kb/5004289>) \n[5004307](<http://support.microsoft.com/kb/5004307>) \n[5004299](<http://support.microsoft.com/kb/5004299>) \n[5004305](<http://support.microsoft.com/kb/5004305>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "kaspersky", "title": "KLA12003 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17011", "CVE-2020-17014", "CVE-2020-17029", "CVE-2020-17036", "CVE-2020-17038", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17047", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17087", "CVE-2020-17088"], "modified": "2022-01-18T00:00:00", "id": "KLA12003", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12003/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-08T15:49:30", "description": "### *Detect date*:\n11/10/2020\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, spoof user interface.\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).\n\n### *Affected products*:\nWindows 10 Version 1909 for ARM64-based Systems \nWindows Server 2019 \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 8.1 for x64-based systems \nWindows Server, version 1903 (Server Core installation) \nRaw Image Extension \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1803 for 32-bit Systems \nWindows Server 2012 R2 (Server Core installation) \nWindows 10 Version 1607 for x64-based Systems \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 1809 for 32-bit Systems \nWindows Server, version 1909 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows 10 for 32-bit Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows 10 Version 2004 for ARM64-based Systems \nAV1 Video Extension \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows RT 8.1 \nWebP Image Extension \nWindows 10 Version 1803 for ARM64-based Systems \nWindows Server, version 20H2 (Server Core Installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows Server 2012 (Server Core installation) \nWindows 10 Version 2004 for x64-based Systems \nWindows 10 Version 2004 for 32-bit Systems \nWindows 10 Version 1903 for x64-based Systems \nWindows 10 Version 1803 for x64-based Systems \nHEVC Video Extensions \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows 10 for x64-based Systems \nWindows Server 2012 \nHEIF Image Extension \nWindows Server 2016 (Server Core installation) \nWindows 7 for x64-based Systems Service Pack 1 \nWindows 8.1 for 32-bit systems \nWindows Server 2012 R2 \nWindows 10 Version 1903 for 32-bit Systems \nWindows Server 2016 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 1909 for 32-bit Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows Server, version 2004 (Server Core installation) \nWindows 7 for 32-bit Systems Service Pack 1\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2020-17081](<https://nvd.nist.gov/vuln/detail/CVE-2020-17081>) \n[CVE-2020-17082](<https://nvd.nist.gov/vuln/detail/CVE-2020-17082>) \n[CVE-2020-17075](<https://nvd.nist.gov/vuln/detail/CVE-2020-17075>) \n[CVE-2020-17049](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/CVE-2020-17049>) \n[CVE-2020-17086](<https://nvd.nist.gov/vuln/detail/CVE-2020-17086>) \n[CVE-2020-17087](<https://nvd.nist.gov/vuln/detail/CVE-2020-17087>) \n[CVE-2020-17088](<https://nvd.nist.gov/vuln/detail/CVE-2020-17088>) \n[CVE-2020-17045](<https://nvd.nist.gov/vuln/detail/CVE-2020-17045>) \n[CVE-2020-17046](<https://nvd.nist.gov/vuln/detail/CVE-2020-17046>) \n[CVE-2020-17047](<https://nvd.nist.gov/vuln/detail/CVE-2020-17047>) \n[CVE-2020-17040](<https://nvd.nist.gov/vuln/detail/CVE-2020-17040>) \n[CVE-2020-17041](<https://nvd.nist.gov/vuln/detail/CVE-2020-17041>) \n[CVE-2020-17042](<https://nvd.nist.gov/vuln/detail/CVE-2020-17042>) \n[CVE-2020-17043](<https://nvd.nist.gov/vuln/detail/CVE-2020-17043>) \n[CVE-2020-17101](<https://nvd.nist.gov/vuln/detail/CVE-2020-17101>) \n[CVE-2020-17026](<https://nvd.nist.gov/vuln/detail/CVE-2020-17026>) \n[CVE-2020-17102](<https://nvd.nist.gov/vuln/detail/CVE-2020-17102>) \n[CVE-2020-17106](<https://nvd.nist.gov/vuln/detail/CVE-2020-17106>) \n[CVE-2020-17028](<https://nvd.nist.gov/vuln/detail/CVE-2020-17028>) \n[CVE-2020-17029](<https://nvd.nist.gov/vuln/detail/CVE-2020-17029>) \n[CVE-2020-17000](<https://nvd.nist.gov/vuln/detail/CVE-2020-17000>) \n[CVE-2020-17001](<https://nvd.nist.gov/vuln/detail/CVE-2020-17001>) \n[CVE-2020-17024](<https://nvd.nist.gov/vuln/detail/CVE-2020-17024>) \n[CVE-2020-17025](<https://nvd.nist.gov/vuln/detail/CVE-2020-17025>) \n[CVE-2020-17004](<https://nvd.nist.gov/vuln/detail/CVE-2020-17004>) \n[CVE-2020-17068](<https://nvd.nist.gov/vuln/detail/CVE-2020-17068>) \n[CVE-2020-17007](<https://nvd.nist.gov/vuln/detail/CVE-2020-17007>) \n[CVE-2020-17069](<https://nvd.nist.gov/vuln/detail/CVE-2020-17069>) \n[CVE-2020-16999](<https://nvd.nist.gov/vuln/detail/CVE-2020-16999>) \n[CVE-2020-17038](<https://nvd.nist.gov/vuln/detail/CVE-2020-17038>) \n[CVE-2020-17034](<https://nvd.nist.gov/vuln/detail/CVE-2020-17034>) \n[CVE-2020-1599](<https://nvd.nist.gov/vuln/detail/CVE-2020-1599>) \n[CVE-2020-17044](<https://nvd.nist.gov/vuln/detail/CVE-2020-17044>) \n[CVE-2020-17109](<https://nvd.nist.gov/vuln/detail/CVE-2020-17109>) \n[CVE-2020-17033](<https://nvd.nist.gov/vuln/detail/CVE-2020-17033>) \n[CVE-2020-17090](<https://nvd.nist.gov/vuln/detail/CVE-2020-17090>) \n[CVE-2020-17027](<https://nvd.nist.gov/vuln/detail/CVE-2020-17027>) \n[CVE-2020-17030](<https://nvd.nist.gov/vuln/detail/CVE-2020-17030>) \n[CVE-2020-17051](<https://nvd.nist.gov/vuln/detail/CVE-2020-17051>) \n[CVE-2020-17057](<https://nvd.nist.gov/vuln/detail/CVE-2020-17057>) \n[CVE-2020-17056](<https://nvd.nist.gov/vuln/detail/CVE-2020-17056>) \n[CVE-2020-17055](<https://nvd.nist.gov/vuln/detail/CVE-2020-17055>) \n[CVE-2020-17108](<https://nvd.nist.gov/vuln/detail/CVE-2020-17108>) \n[CVE-2020-17070](<https://nvd.nist.gov/vuln/detail/CVE-2020-17070>) \n[CVE-2020-17073](<https://nvd.nist.gov/vuln/detail/CVE-2020-17073>) \n[CVE-2020-17014](<https://nvd.nist.gov/vuln/detail/CVE-2020-17014>) \n[CVE-2020-17013](<https://nvd.nist.gov/vuln/detail/CVE-2020-17013>) \n[CVE-2020-17074](<https://nvd.nist.gov/vuln/detail/CVE-2020-17074>) \n[CVE-2020-17011](<https://nvd.nist.gov/vuln/detail/CVE-2020-17011>) \n[CVE-2020-17010](<https://nvd.nist.gov/vuln/detail/CVE-2020-17010>) \n[CVE-2020-17035](<https://nvd.nist.gov/vuln/detail/CVE-2020-17035>) \n[CVE-2020-17078](<https://nvd.nist.gov/vuln/detail/CVE-2020-17078>) \n[CVE-2020-17037](<https://nvd.nist.gov/vuln/detail/CVE-2020-17037>) \n[CVE-2020-17036](<https://nvd.nist.gov/vuln/detail/CVE-2020-17036>) \n[CVE-2020-17031](<https://nvd.nist.gov/vuln/detail/CVE-2020-17031>) \n[CVE-2020-16998](<https://nvd.nist.gov/vuln/detail/CVE-2020-16998>) \n[CVE-2020-17076](<https://nvd.nist.gov/vuln/detail/CVE-2020-17076>) \n[CVE-2020-17032](<https://nvd.nist.gov/vuln/detail/CVE-2020-17032>) \n[CVE-2020-16997](<https://nvd.nist.gov/vuln/detail/CVE-2020-16997>) \n[CVE-2020-17071](<https://nvd.nist.gov/vuln/detail/CVE-2020-17071>) \n[CVE-2020-17113](<https://nvd.nist.gov/vuln/detail/CVE-2020-17113>) \n[CVE-2020-17077](<https://nvd.nist.gov/vuln/detail/CVE-2020-17077>) \n[CVE-2020-17110](<https://nvd.nist.gov/vuln/detail/CVE-2020-17110>) \n[CVE-2020-17107](<https://nvd.nist.gov/vuln/detail/CVE-2020-17107>) \n[CVE-2020-17105](<https://nvd.nist.gov/vuln/detail/CVE-2020-17105>) \n[CVE-2020-17079](<https://nvd.nist.gov/vuln/detail/CVE-2020-17079>) \n[CVE-2020-17012](<https://nvd.nist.gov/vuln/detail/CVE-2020-17012>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows Server 2012](<https://threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/>)\n\n### *CVE-IDS*:\n[CVE-2020-17043](<https://vulners.com/cve/CVE-2020-17043>)6.8High \n[CVE-2020-17069](<https://vulners.com/cve/CVE-2020-17069>)2.1Warning \n[CVE-2020-17087](<https://vulners.com/cve/CVE-2020-17087>)7.2High \n[CVE-2020-17088](<https://vulners.com/cve/CVE-2020-17088>)4.6Warning \n[CVE-2020-17045](<https://vulners.com/cve/CVE-2020-17045>)4.9Warning \n[CVE-2020-17047](<https://vulners.com/cve/CVE-2020-17047>)7.8Critical \n[CVE-2020-17042](<https://vulners.com/cve/CVE-2020-17042>)9.3Critical \n[CVE-2020-1599](<https://vulners.com/cve/CVE-2020-1599>)2.1Warning \n[CVE-2020-17044](<https://vulners.com/cve/CVE-2020-17044>)6.8High \n[CVE-2020-16997](<https://vulners.com/cve/CVE-2020-16997>)4.0Warning \n[CVE-2020-17014](<https://vulners.com/cve/CVE-2020-17014>)6.6High \n[CVE-2020-17038](<https://vulners.com/cve/CVE-2020-17038>)7.2High \n[CVE-2020-17011](<https://vulners.com/cve/CVE-2020-17011>)7.2High \n[CVE-2020-17029](<https://vulners.com/cve/CVE-2020-17029>)4.9Warning \n[CVE-2020-17000](<https://vulners.com/cve/CVE-2020-17000>)2.1Warning \n[CVE-2020-17001](<https://vulners.com/cve/CVE-2020-17001>)4.6Warning \n[CVE-2020-17068](<https://vulners.com/cve/CVE-2020-17068>)7.2High \n[CVE-2020-17036](<https://vulners.com/cve/CVE-2020-17036>)4.9Warning \n[CVE-2020-17004](<https://vulners.com/cve/CVE-2020-17004>)2.1Warning \n[CVE-2020-17081](<https://vulners.com/cve/CVE-2020-17081>)5.0Critical \n[CVE-2020-17082](<https://vulners.com/cve/CVE-2020-17082>)7.5Critical \n[CVE-2020-17075](<https://vulners.com/cve/CVE-2020-17075>)4.6Warning \n[CVE-2020-17049](<https://vulners.com/cve/CVE-2020-17049>)9.0Critical \n[CVE-2020-17086](<https://vulners.com/cve/CVE-2020-17086>)7.5Critical \n[CVE-2020-17046](<https://vulners.com/cve/CVE-2020-17046>)4.9Warning \n[CVE-2020-17040](<https://vulners.com/cve/CVE-2020-17040>)7.5Critical \n[CVE-2020-17041](<https://vulners.com/cve/CVE-2020-17041>)7.2High \n[CVE-2020-17101](<https://vulners.com/cve/CVE-2020-17101>)4.6Warning \n[CVE-2020-17026](<https://vulners.com/cve/CVE-2020-17026>)4.6Warning \n[CVE-2020-17102](<https://vulners.com/cve/CVE-2020-17102>)2.1Warning \n[CVE-2020-17106](<https://vulners.com/cve/CVE-2020-17106>)9.3Critical \n[CVE-2020-17028](<https://vulners.com/cve/CVE-2020-17028>)4.6Warning \n[CVE-2020-17024](<https://vulners.com/cve/CVE-2020-17024>)7.2High \n[CVE-2020-17025](<https://vulners.com/cve/CVE-2020-17025>)4.6Warning \n[CVE-2020-17007](<https://vulners.com/cve/CVE-2020-17007>)4.6Warning \n[CVE-2020-16999](<https://vulners.com/cve/CVE-2020-16999>)2.1Warning \n[CVE-2020-17034](<https://vulners.com/cve/CVE-2020-17034>)4.6Warning \n[CVE-2020-17109](<https://vulners.com/cve/CVE-2020-17109>)9.3Critical \n[CVE-2020-17033](<https://vulners.com/cve/CVE-2020-17033>)4.6Warning \n[CVE-2020-17090](<https://vulners.com/cve/CVE-2020-17090>)7.5Critical \n[CVE-2020-17027](<https://vulners.com/cve/CVE-2020-17027>)4.6Warning \n[CVE-2020-17030](<https://vulners.com/cve/CVE-2020-17030>)4.9Warning \n[CVE-2020-17057](<https://vulners.com/cve/CVE-2020-17057>)7.2High \n[CVE-2020-17056](<https://vulners.com/cve/CVE-2020-17056>)2.1Warning \n[CVE-2020-17055](<https://vulners.com/cve/CVE-2020-17055>)6.8High \n[CVE-2020-17108](<https://vulners.com/cve/CVE-2020-17108>)9.3Critical \n[CVE-2020-17070](<https://vulners.com/cve/CVE-2020-17070>)7.2High \n[CVE-2020-17073](<https://vulners.com/cve/CVE-2020-17073>)4.6Warning \n[CVE-2020-17013](<https://vulners.com/cve/CVE-2020-17013>)2.1Warning \n[CVE-2020-17074](<https://vulners.com/cve/CVE-2020-17074>)7.2High \n[CVE-2020-17010](<https://vulners.com/cve/CVE-2020-17010>)7.2High \n[CVE-2020-17035](<https://vulners.com/cve/CVE-2020-17035>)7.2High \n[CVE-2020-17078](<https://vulners.com/cve/CVE-2020-17078>)7.5Critical \n[CVE-2020-17037](<https://vulners.com/cve/CVE-2020-17037>)7.2High \n[CVE-2020-17031](<https://vulners.com/cve/CVE-2020-17031>)4.6Warning \n[CVE-2020-16998](<https://vulners.com/cve/CVE-2020-16998>)4.6Warning \n[CVE-2020-17076](<https://vulners.com/cve/CVE-2020-17076>)7.2High \n[CVE-2020-17032](<https://vulners.com/cve/CVE-2020-17032>)4.6Warning \n[CVE-2020-17071](<https://vulners.com/cve/CVE-2020-17071>)2.1Warning \n[CVE-2020-17113](<https://vulners.com/cve/CVE-2020-17113>)2.1Warning \n[CVE-2020-17077](<https://vulners.com/cve/CVE-2020-17077>)7.2High \n[CVE-2020-17110](<https://vulners.com/cve/CVE-2020-17110>)9.3Critical \n[CVE-2020-17107](<https://vulners.com/cve/CVE-2020-17107>)9.3Critical \n[CVE-2020-17079](<https://vulners.com/cve/CVE-2020-17079>)7.5Critical \n[CVE-2020-17012](<https://vulners.com/cve/CVE-2020-17012>)4.6Warning\n\n### *KB list*:\n[4586785](<http://support.microsoft.com/kb/4586785>) \n[4586793](<http://support.microsoft.com/kb/4586793>) \n[4586787](<http://support.microsoft.com/kb/4586787>) \n[4586786](<http://support.microsoft.com/kb/4586786>) \n[4586781](<http://support.microsoft.com/kb/4586781>) \n[4586834](<http://support.microsoft.com/kb/4586834>) \n[4586830](<http://support.microsoft.com/kb/4586830>) \n[4586845](<http://support.microsoft.com/kb/4586845>) \n[4586808](<http://support.microsoft.com/kb/4586808>) \n[4586823](<http://support.microsoft.com/kb/4586823>) \n[4592449](<http://support.microsoft.com/kb/4592449>) \n[4598278](<http://support.microsoft.com/kb/4598278>) \n[4598297](<http://support.microsoft.com/kb/4598297>) \n[5001337](<http://support.microsoft.com/kb/5001337>) \n[5004238](<http://support.microsoft.com/kb/5004238>) \n[5004302](<http://support.microsoft.com/kb/5004302>) \n[5004294](<http://support.microsoft.com/kb/5004294>) \n[5004237](<http://support.microsoft.com/kb/5004237>) \n[5004244](<http://support.microsoft.com/kb/5004244>) \n[5004298](<http://support.microsoft.com/kb/5004298>) \n[5004285](<http://support.microsoft.com/kb/5004285>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-11-10T00:00:00", "type": "kaspersky", "title": "KLA12004 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1599", "CVE-2020-16997", "CVE-2020-16998", "CVE-2020-16999", "CVE-2020-17000", "CVE-2020-17001", "CVE-2020-17004", "CVE-2020-17007", "CVE-2020-17010", "CVE-2020-17011", "CVE-2020-17012", "CVE-2020-17013", "CVE-2020-17014", "CVE-2020-17024", "CVE-2020-17025", "CVE-2020-17026", "CVE-2020-17027", "CVE-2020-17028", "CVE-2020-17029", "CVE-2020-17030", "CVE-2020-17031", "CVE-2020-17032", "CVE-2020-17033", "CVE-2020-17034", "CVE-2020-17035", "CVE-2020-17036", "CVE-2020-17037", "CVE-2020-17038", "CVE-2020-17040", "CVE-2020-17041", "CVE-2020-17042", "CVE-2020-17043", "CVE-2020-17044", "CVE-2020-17045", "CVE-2020-17046", "CVE-2020-17047", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17055", "CVE-2020-17056", "CVE-2020-17057", "CVE-2020-17068", "CVE-2020-17069", "CVE-2020-17070", "CVE-2020-17071", "CVE-2020-17073", "CVE-2020-17074", "CVE-2020-17075", "CVE-2020-17076", "CVE-2020-17077", "CVE-2020-17078", "CVE-2020-17079", "CVE-2020-17081", "CVE-2020-17082", "CVE-2020-17086", "CVE-2020-17087", "CVE-2020-17088", "CVE-2020-17090", "CVE-2020-17101", "CVE-2020-17102", "CVE-2020-17105", "CVE-2020-17106", "CVE-2020-17107", "CVE-2020-17108", "CVE-2020-17109", "CVE-2020-17110", "CVE-2020-17113"], "modified": "2022-01-18T00:00:00", "id": "KLA12004", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12004/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}