KB4593226: Windows 10 Version 1607 and Windows Server 2016 December 2020 Security Update

2020-12-08T00:00:00

Description

The remote Windows host is missing security update 4593226. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964, CVE-2020-17092, CVE-2020-17097) - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17095, CVE-2020-17096) - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application. (CVE-2020-16996, CVE-2020-17099) - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098, CVE-2020-17138, CVE-2020-17140)

{"id": "SMB_NT_MS20_DEC_4586830.NASL", "vendorId": null, "type": "nessus", "bulletinFamily": "scanner", "title": "KB4593226: Windows 10 Version 1607 and Windows Server 2016 December 2020 Security Update", "description": "The remote Windows host is missing security update 4593226.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964, CVE-2020-17092, CVE-2020-17097)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17095, CVE-2020-17096)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2020-16996, CVE-2020-17099)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098, CVE-2020-17138, CVE-2020-17140)", "published": "2020-12-08T00:00:00", "modified": "2022-12-05T00:00:00", "epss": [], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.tenable.com/plugins/nessus/143569", "reporter": "This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16964", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17140", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17097", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16960", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16996", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17096", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17098", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17092", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17138", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16962", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16958", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16963", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16959", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17095", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-17099", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16961", "http://www.nessus.org/u?779e1d95"], "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17138", "CVE-2020-17140"], "immutableFields": [], "lastseen": "2023-05-18T15:25:47", "viewCount": 26, "enchantments": {"dependencies": {"references": [{"type": "avleonov", "idList": ["AVLEONOV:28E47C69DA4A069031694EB4C2C931BA"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-1250", "CPAI-2020-1272"]}, {"type": "cve", "idList": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17094", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17138", "CVE-2020-17140"]}, {"type": "ibm", "idList": ["F34133DBAC4F6FEF866DB845BED95244FB18E8AD56C9EDC4C9EFFFDFD49046C8"]}, {"type": "kaspersky", "idList": ["KLA12024", "KLA12025"]}, {"type": "mscve", "idList": ["MS:CVE-2020-16958", "MS:CVE-2020-16959", "MS:CVE-2020-16960", "MS:CVE-2020-16961", "MS:CVE-2020-16962", "MS:CVE-2020-16963", "MS:CVE-2020-16964", "MS:CVE-2020-16996", "MS:CVE-2020-17092", "MS:CVE-2020-17094", "MS:CVE-2020-17095", "MS:CVE-2020-17096", "MS:CVE-2020-17097", "MS:CVE-2020-17098", "MS:CVE-2020-17099", "MS:CVE-2020-17138", "MS:CVE-2020-17140"]}, {"type": "mskb", "idList": ["KB4592446", "KB4592464", "KB4592468", "KB4592471", "KB4592484", "KB4592495", "KB4592497", "KB4592498", "KB4592503", "KB4592504", "KB4593226"]}, {"type": "nessus", "idList": ["SMB_NT_MS20_DEC_4586793.NASL", "SMB_NT_MS20_DEC_4592438.NASL", "SMB_NT_MS20_DEC_4592446.NASL", "SMB_NT_MS20_DEC_4592449.NASL", "SMB_NT_MS20_DEC_4592464.NASL", "SMB_NT_MS20_DEC_4592468.NASL", "SMB_NT_MS20_DEC_4592471.NASL", "SMB_NT_MS20_DEC_4592484.NASL", "SMB_NT_MS20_DEC_4592498.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:D6BB8795D96ECAD5C95596F19210BB13"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:99D9180FBF3F900ADB0CDC5EF79EC080"]}, {"type": "thn", "idList": ["THN:BCD236457064C9D8673B1536BE370718"]}, {"type": "threatpost", "idList": ["THREATPOST:02914A68EEB34D94544D5D00BF463BAC"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-16996"]}]}, "score": {"value": 0.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "avleonov", "idList": ["AVLEONOV:28E47C69DA4A069031694EB4C2C931BA"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2020-1250", "CPAI-2020-1272"]}, {"type": "cve", "idList": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17138", "CVE-2020-17140"]}, {"type": "ibm", "idList": ["F34133DBAC4F6FEF866DB845BED95244FB18E8AD56C9EDC4C9EFFFDFD49046C8"]}, {"type": "kaspersky", "idList": ["KLA12024", "KLA12025"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/MSFT-CVE-2020-16963/", "MSF:ILITIES/MSFT-CVE-2020-16964/"]}, {"type": "mscve", "idList": ["MS:CVE-2020-16958", "MS:CVE-2020-16959", "MS:CVE-2020-16960", "MS:CVE-2020-16961", "MS:CVE-2020-16962", "MS:CVE-2020-16963", "MS:CVE-2020-16964", "MS:CVE-2020-16996", "MS:CVE-2020-17092", "MS:CVE-2020-17095", "MS:CVE-2020-17096", "MS:CVE-2020-17097", "MS:CVE-2020-17098", "MS:CVE-2020-17099", "MS:CVE-2020-17138", "MS:CVE-2020-17140"]}, {"type": "mskb", "idList": ["KB4586830", "KB4592503"]}, {"type": "nessus", "idList": ["SMB_HOTFIXES.NASL", "SMB_NT_MS20_DEC_4592471.NASL", "SMB_NT_MS20_DEC_4592498.NASL"]}, {"type": "qualysblog", "idList": ["QUALYSBLOG:D6BB8795D96ECAD5C95596F19210BB13"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:99D9180FBF3F900ADB0CDC5EF79EC080"]}, {"type": "thn", "idList": ["THN:BCD236457064C9D8673B1536BE370718"]}, {"type": "threatpost", "idList": ["THREATPOST:02914A68EEB34D94544D5D00BF463BAC"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-16996"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2020-16958", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16959", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16960", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16961", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16962", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16963", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16964", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-16996", "epss": 0.00064, "percentile": 0.26054, "modified": "2023-05-07"}, {"cve": "CVE-2020-17092", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-17095", "epss": 0.02939, "percentile": 0.89326, "modified": "2023-05-07"}, {"cve": "CVE-2020-17096", "epss": 0.01714, "percentile": 0.85932, "modified": "2023-05-07"}, {"cve": "CVE-2020-17097", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-17098", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-17099", "epss": 0.00055, "percentile": 0.2086, "modified": "2023-05-07"}, {"cve": "CVE-2020-17138", "epss": 0.00043, "percentile": 0.07428, "modified": "2023-05-07"}, {"cve": "CVE-2020-17140", "epss": 0.0392, "percentile": 0.90643, "modified": "2023-05-07"}], "vulnersScore": 0.6}, "_state": {"dependencies": 1684442002, "score": 1684423648, "epss": 0}, "_internal": {"score_hash": "782cf6db6d4401be7df313aa0512dce9"}, "pluginID": "143569", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143569);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-16958\",\n \"CVE-2020-16959\",\n \"CVE-2020-16960\",\n \"CVE-2020-16961\",\n \"CVE-2020-16962\",\n \"CVE-2020-16963\",\n \"CVE-2020-16964\",\n \"CVE-2020-16996\",\n \"CVE-2020-17092\",\n \"CVE-2020-17095\",\n \"CVE-2020-17096\",\n \"CVE-2020-17097\",\n \"CVE-2020-17098\",\n \"CVE-2020-17099\",\n \"CVE-2020-17138\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4593226\");\n script_xref(name:\"MSFT\", value:\"MS20-4593226\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0138\");\n\n script_name(english:\"KB4593226: Windows 10 Version 1607 and Windows Server 2016 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4593226.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960,\n CVE-2020-16961, CVE-2020-16962, CVE-2020-16963,\n CVE-2020-16964, CVE-2020-17092, CVE-2020-17097)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2020-17095,\n CVE-2020-17096)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2020-16996, CVE-2020-17099)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17098, CVE-2020-17138,\n CVE-2020-17140)\");\n # https://support.microsoft.com/en-us/help/4593226/windows-10-update-kb4593226\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?779e1d95\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4586830.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"manual\");\n script_set_attribute(attribute:\"cvss_score_rationale\", value:\"Score based on analysis of the vendor advisory.\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4593226');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'14393',\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4593226])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "naslFamily": "Windows : Microsoft Bulletins", "cpe": ["cpe:/o:microsoft:windows"], "solution": "Apply Cumulative Update KB4586830.", "nessusSeverity": "High", "cvssScoreSource": "manual", "vendor_cvss2": {"score": 7.1, "vector": "CVSS2#AV:N/AC:H/Au:S/C:C/I:C/A:C"}, "vendor_cvss3": {"score": 8.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}, "vpr": {"risk factor": "High", "score": "8.4"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-12-08T00:00:00", "vulnerabilityPublicationDate": "2020-12-08T00:00:00", "exploitableWith": []}

{"nessus": [{"lastseen": "2023-05-18T15:25:34", "description": "The remote Windows host is missing security update 4592464.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2020-17099)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098, CVE-2020-17140)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964, CVE-2020-17092, CVE-2020-17097)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17096)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592464: Windows 10 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-17092", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17140"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4592464.NASL", "href": "https://www.tenable.com/plugins/nessus/143565", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143565);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-16958\",\n \"CVE-2020-16959\",\n \"CVE-2020-16960\",\n \"CVE-2020-16961\",\n \"CVE-2020-16962\",\n \"CVE-2020-16963\",\n \"CVE-2020-16964\",\n \"CVE-2020-17092\",\n \"CVE-2020-17096\",\n \"CVE-2020-17097\",\n \"CVE-2020-17098\",\n \"CVE-2020-17099\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4592464\");\n script_xref(name:\"MSFT\", value:\"MS20-4592464\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0138\");\n\n script_name(english:\"KB4592464: Windows 10 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592464.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2020-17099)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17098, CVE-2020-17140)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960,\n CVE-2020-16961, CVE-2020-16962, CVE-2020-16963,\n CVE-2020-16964, CVE-2020-17092, CVE-2020-17097)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2020-17096)\");\n # https://support.microsoft.com/en-us/help/4592464/windows-10-update-kb4592464\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3feae7ab\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4592464.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17096\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4592464');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'10240',\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592464])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:47", "description": "The remote Windows host is missing security update 4592503 or cumulative update 4592471. It is, therefore, affected by multiple vulnerabilities:\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098, CVE-2020-17140)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592503: Windows 7 and Windows Server 2008 R2 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-17098", "CVE-2020-17140"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4592471.NASL", "href": "https://www.tenable.com/plugins/nessus/143572", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143572);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\n \"CVE-2020-16958\",\n \"CVE-2020-16959\",\n \"CVE-2020-16960\",\n \"CVE-2020-16961\",\n \"CVE-2020-16962\",\n \"CVE-2020-16963\",\n \"CVE-2020-16964\",\n \"CVE-2020-17098\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4592471\");\n script_xref(name:\"MSKB\", value:\"4592503\");\n script_xref(name:\"MSFT\", value:\"MS20-4592471\");\n script_xref(name:\"MSFT\", value:\"MS20-4592503\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n\n script_name(english:\"KB4592503: Windows 7 and Windows Server 2008 R2 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592503\nor cumulative update 4592471. It is, therefore, affected by\nmultiple vulnerabilities:\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17098, CVE-2020-17140)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960,\n CVE-2020-16961, CVE-2020-16962, CVE-2020-16963,\n CVE-2020-16964)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4592471/windows-7-update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4592503/windows-7-update\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4592503 or Cumulative Update KB4592471.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-16964\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4592471', '4592503');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win7:'1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.1',\n sp:1,\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592471, 4592503])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:14:14", "description": "The remote Windows host is missing security update 4592446.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2020-17099)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17095, CVE-2020-17096)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964, CVE-2020-17092, CVE-2020-17097, CVE-2020-17103, CVE-2020-17134, CVE-2020-17136)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17094, CVE-2020-17098, CVE-2020-17140)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592446: Windows 10 Version 1803 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-17092", "CVE-2020-17094", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17103", "CVE-2020-17134", "CVE-2020-17136", "CVE-2020-17140"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4592446.NASL", "href": "https://www.tenable.com/plugins/nessus/143571", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143571);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-16958\",\n \"CVE-2020-16959\",\n \"CVE-2020-16960\",\n \"CVE-2020-16961\",\n \"CVE-2020-16962\",\n \"CVE-2020-16963\",\n \"CVE-2020-16964\",\n \"CVE-2020-17092\",\n \"CVE-2020-17094\",\n \"CVE-2020-17095\",\n \"CVE-2020-17096\",\n \"CVE-2020-17097\",\n \"CVE-2020-17098\",\n \"CVE-2020-17099\",\n \"CVE-2020-17103\",\n \"CVE-2020-17134\",\n \"CVE-2020-17136\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4592446\");\n script_xref(name:\"MSFT\", value:\"MS20-4592446\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0138\");\n\n script_name(english:\"KB4592446: Windows 10 Version 1803 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592446.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2020-17099)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2020-17095,\n CVE-2020-17096)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960,\n CVE-2020-16961, CVE-2020-16962, CVE-2020-16963,\n CVE-2020-16964, CVE-2020-17092, CVE-2020-17097,\n CVE-2020-17103, CVE-2020-17134, CVE-2020-17136)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17094, CVE-2020-17098,\n CVE-2020-17140)\");\n # https://support.microsoft.com/en-us/help/4592446/windows-10-update-kb4592446\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e51f32b6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4592446.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17096\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-17095\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4592446');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'17134',\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592446])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:34", "description": "The remote Windows host is missing security update 4592495 or cumulative update 4592484. It is, therefore, affected by multiple vulnerabilities:\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098, CVE-2020-17140)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2020-16996)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-17092, CVE-2020-17097)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17096)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592495: Windows 8.1 and Windows Server 2012 R2 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17140"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4592484.NASL", "href": "https://www.tenable.com/plugins/nessus/143560", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143560);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-16996\",\n \"CVE-2020-17092\",\n \"CVE-2020-17096\",\n \"CVE-2020-17097\",\n \"CVE-2020-17098\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4592495\");\n script_xref(name:\"MSKB\", value:\"4592484\");\n script_xref(name:\"MSFT\", value:\"MS20-4592495\");\n script_xref(name:\"MSFT\", value:\"MS20-4592484\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0138\");\n\n script_name(english:\"KB4592495: Windows 8.1 and Windows Server 2012 R2 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592495\nor cumulative update 4592484. It is, therefore, affected by\nmultiple vulnerabilities:\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17098, CVE-2020-17140)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2020-16996)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-17092, CVE-2020-17097)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2020-17096)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4592495/windows-8-1-update\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/4592484/windows-8-1-update\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4592495 or Cumulative Update KB4592484.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17096\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');\n\nbulletin = 'MS20-12';\nkbs = make_list('4592495', '4592484');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit('SMB/ProductName', exit_code:1);\nif ('Windows 8' >< productname && '8.1' >!< productname)\n audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.3',\n sp:0,\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592495, 4592484])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:14:14", "description": "The remote Windows host is missing security update 4592440. It is, therefore, affected by multiple vulnerabilities:\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964, CVE-2020-17092, CVE-2020-17097, CVE-2020-17103, CVE-2020-17134, CVE-2020-17136)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17095, CVE-2020-17096)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17094, CVE-2020-17098, CVE-2020-17140)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2020-16996, CVE-2020-17099, CVE-2020-17139)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592440: Windows 10 Version 1809 and Windows Server 2019 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17094", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17103", "CVE-2020-17134", "CVE-2020-17136", "CVE-2020-17139", "CVE-2020-17140"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4586793.NASL", "href": "https://www.tenable.com/plugins/nessus/143561", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143561);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-16958\",\n \"CVE-2020-16959\",\n \"CVE-2020-16960\",\n \"CVE-2020-16961\",\n \"CVE-2020-16962\",\n \"CVE-2020-16963\",\n \"CVE-2020-16964\",\n \"CVE-2020-16996\",\n \"CVE-2020-17092\",\n \"CVE-2020-17094\",\n \"CVE-2020-17095\",\n \"CVE-2020-17096\",\n \"CVE-2020-17097\",\n \"CVE-2020-17098\",\n \"CVE-2020-17099\",\n \"CVE-2020-17103\",\n \"CVE-2020-17134\",\n \"CVE-2020-17136\",\n \"CVE-2020-17139\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4592440\");\n script_xref(name:\"MSFT\", value:\"MS20-4592440\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0138\");\n\n script_name(english:\"KB4592440: Windows 10 Version 1809 and Windows Server 2019 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592440. \nIt is, therefore, affected by multiple vulnerabilities:\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960,\n CVE-2020-16961, CVE-2020-16962, CVE-2020-16963,\n CVE-2020-16964, CVE-2020-17092, CVE-2020-17097,\n CVE-2020-17103, CVE-2020-17134, CVE-2020-17136)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2020-17095,\n CVE-2020-17096)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17094, CVE-2020-17098,\n CVE-2020-17140)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2020-16996, CVE-2020-17099, CVE-2020-17139)\");\n # https://support.microsoft.com/en-us/help/4592440/windows-10-update-kb4592440\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1972925b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4592440.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17096\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-17095\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4592440');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\");\nget_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'17763',\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592440])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:13:35", "description": "The remote Windows host is missing security update 4592497 or cumulative update 4592468. It is, therefore, affected by multiple vulnerabilities:\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098, CVE-2020-17140)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2020-16996)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-17092, CVE-2020-17097)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17096)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592497: Windows Server 2012 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17140"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4592468.NASL", "href": "https://www.tenable.com/plugins/nessus/143559", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143559);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-16996\",\n \"CVE-2020-17092\",\n \"CVE-2020-17096\",\n \"CVE-2020-17097\",\n \"CVE-2020-17098\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4592497\");\n script_xref(name:\"MSKB\", value:\"4592468\");\n script_xref(name:\"MSFT\", value:\"MS20-4592497\");\n script_xref(name:\"MSFT\", value:\"MS20-4592468\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0138\");\n\n script_name(english:\"KB4592497: Windows Server 2012 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592497\nor cumulative update 4592468. It is, therefore, affected by\nmultiple vulnerabilities:\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17098, CVE-2020-17140)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2020-16996)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-17092, CVE-2020-17097)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2020-17096)\");\n # https://support.microsoft.com/en-us/help/4592497/windows-server-2012-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d639ba48\");\n # https://support.microsoft.com/en-us/help/4592468/windows-server-2012-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d79ac842\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4592497 or Cumulative Update KB4592468.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17096\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4592497', '4592468');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win8:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\n# Windows 8 EOL\nproductname = get_kb_item_or_exit('SMB/ProductName', exit_code:1);\nif ('Windows 8' >< productname) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.2',\n sp:0,\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592497, 4592468])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:34", "description": "The remote Windows host is missing security update 4592438.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17095, CVE-2020-17096)\n\n - An memory corruption vulnerability exists. An attacker can exploit this to corrupt the memory and cause unexpected behaviors within the system/application.\n (CVE-2020-17131)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17094, CVE-2020-17098, CVE-2020-17140)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2020-17139)\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964, CVE-2020-17092, CVE-2020-17097, CVE-2020-17103, CVE-2020-17134, CVE-2020-17136, CVE-2020-17137)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592438: Windows 10 Version 2004 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17094", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17103", "CVE-2020-17131", "CVE-2020-17134", "CVE-2020-17136", "CVE-2020-17137", "CVE-2020-17139", "CVE-2020-17140"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4592438.NASL", "href": "https://www.tenable.com/plugins/nessus/143558", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143558);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-16958\",\n \"CVE-2020-16959\",\n \"CVE-2020-16960\",\n \"CVE-2020-16961\",\n \"CVE-2020-16962\",\n \"CVE-2020-16963\",\n \"CVE-2020-16964\",\n \"CVE-2020-16996\",\n \"CVE-2020-17092\",\n \"CVE-2020-17094\",\n \"CVE-2020-17095\",\n \"CVE-2020-17096\",\n \"CVE-2020-17097\",\n \"CVE-2020-17098\",\n \"CVE-2020-17103\",\n \"CVE-2020-17131\",\n \"CVE-2020-17134\",\n \"CVE-2020-17136\",\n \"CVE-2020-17137\",\n \"CVE-2020-17139\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4592438\");\n script_xref(name:\"MSFT\", value:\"MS20-4592438\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0555-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0138\");\n\n script_name(english:\"KB4592438: Windows 10 Version 2004 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592438.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2020-17095,\n CVE-2020-17096)\n\n - An memory corruption vulnerability exists. An attacker\n can exploit this to corrupt the memory and cause\n unexpected behaviors within the system/application.\n (CVE-2020-17131)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17094, CVE-2020-17098,\n CVE-2020-17140)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2020-17139)\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960,\n CVE-2020-16961, CVE-2020-16962, CVE-2020-16963,\n CVE-2020-16964, CVE-2020-17092, CVE-2020-17097,\n CVE-2020-17103, CVE-2020-17134, CVE-2020-17136,\n CVE-2020-17137)\");\n # https://support.microsoft.com/en-us/help/4592438/windows-10-update-kb4592438\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b1f576e6\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4592438.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17096\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-17095\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4592438');\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'19041',\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592438])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:34", "description": "The remote Windows host is missing security update 4592449.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964, CVE-2020-17092, CVE-2020-17097, CVE-2020-17103, CVE-2020-17134, CVE-2020-17136)\n\n - A remote code execution vulnerability. An attacker can exploit this to bypass authentication and execute unauthorized arbitrary commands. (CVE-2020-17095, CVE-2020-17096)\n\n - A security feature bypass vulnerability exists. An attacker can exploit this and bypass the security feature and perform unauthorized actions compromising the integrity of the system/application.\n (CVE-2020-17139)\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17094, CVE-2020-17098, CVE-2020-17140)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592449: Windows 10 Version 1903 and Windows 10 Version 1909 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17094", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17103", "CVE-2020-17131", "CVE-2020-17134", "CVE-2020-17136", "CVE-2020-17139", "CVE-2020-17140"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4592449.NASL", "href": "https://www.tenable.com/plugins/nessus/143570", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143570);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2020-16958\",\n \"CVE-2020-16959\",\n \"CVE-2020-16960\",\n \"CVE-2020-16961\",\n \"CVE-2020-16962\",\n \"CVE-2020-16963\",\n \"CVE-2020-16964\",\n \"CVE-2020-16996\",\n \"CVE-2020-17092\",\n \"CVE-2020-17094\",\n \"CVE-2020-17095\",\n \"CVE-2020-17096\",\n \"CVE-2020-17097\",\n \"CVE-2020-17098\",\n \"CVE-2020-17103\",\n \"CVE-2020-17131\",\n \"CVE-2020-17134\",\n \"CVE-2020-17136\",\n \"CVE-2020-17139\",\n \"CVE-2020-17140\"\n );\n script_xref(name:\"MSKB\", value:\"4592449\");\n script_xref(name:\"MSFT\", value:\"MS20-4592449\");\n script_xref(name:\"IAVA\", value:\"2020-A-0561-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n script_xref(name:\"IAVA\", value:\"2020-A-0555-S\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2020-0138\");\n\n script_name(english:\"KB4592449: Windows 10 Version 1903 and Windows 10 Version 1909 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592449.\nIt is, therefore, affected by multiple vulnerabilities:\n\n - An elevation of privilege vulnerability. An attacker can\n exploit this to gain elevated privileges.\n (CVE-2020-16958, CVE-2020-16959, CVE-2020-16960,\n CVE-2020-16961, CVE-2020-16962, CVE-2020-16963,\n CVE-2020-16964, CVE-2020-17092, CVE-2020-17097,\n CVE-2020-17103, CVE-2020-17134, CVE-2020-17136)\n\n - A remote code execution vulnerability. An attacker can\n exploit this to bypass authentication and execute\n unauthorized arbitrary commands. (CVE-2020-17095,\n CVE-2020-17096)\n\n - A security feature bypass vulnerability exists. An\n attacker can exploit this and bypass the security\n feature and perform unauthorized actions compromising\n the integrity of the system/application.\n (CVE-2020-17139)\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17094, CVE-2020-17098,\n CVE-2020-17140)\");\n # https://support.microsoft.com/en-us/help/4592449/windows-10-update-kb4592449\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c49efc98\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Cumulative Update KB4592449.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17096\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-17095\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4592449');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(win10:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'10',\n sp:0,\n os_build:'18362',\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592449])\n|| \n smb_check_rollup(os:'10',\n sp:0,\n os_build:'18363',\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592449])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:48", "description": "The remote Windows host is missing security update 4592504 or cumulative update 4592498. It is, therefore, affected by multiple vulnerabilities:\n\n - An information disclosure vulnerability. An attacker can exploit this to disclose potentially sensitive information. (CVE-2020-17098)", "cvss3": {}, "published": "2020-12-08T00:00:00", "type": "nessus", "title": "KB4592504: Windows Server 2008 December 2020 Security Update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-17098"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS20_DEC_4592498.NASL", "href": "https://www.tenable.com/plugins/nessus/143562", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the Microsoft Security Updates API. The text\n# itself is copyright (C) Microsoft Corporation.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(143562);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2020-17098\");\n script_xref(name:\"MSKB\", value:\"4592504\");\n script_xref(name:\"MSKB\", value:\"4592498\");\n script_xref(name:\"MSFT\", value:\"MS20-4592504\");\n script_xref(name:\"MSFT\", value:\"MS20-4592498\");\n script_xref(name:\"IAVA\", value:\"2020-A-0562-S\");\n\n script_name(english:\"KB4592504: Windows Server 2008 December 2020 Security Update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Windows host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host is missing security update 4592504\nor cumulative update 4592498. It is, therefore, affected by\nmultiple vulnerabilities:\n\n - An information disclosure vulnerability. An attacker can\n exploit this to disclose potentially sensitive\n information. (CVE-2020-17098)\");\n # https://support.microsoft.com/en-us/help/4592504/windows-server-2008-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a272a17b\");\n # https://support.microsoft.com/en-us/help/4592498/windows-server-2008-update\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6c43d069\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply Security Only update KB4592504 or Cumulative Update KB4592498.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-17098\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"smb_check_rollup.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS20-12';\nkbs = make_list('4592504', '4592498');\n\nif (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_NOTE);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nget_kb_item_or_exit('SMB/WindowsVersion', exit_code:1);\n\nif (hotfix_check_sp_range(vista:'2') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nshare = hotfix_get_systemdrive(as_share:TRUE, exit_on_fail:TRUE);\nif (!is_accessible_share(share:share)) audit(AUDIT_SHARE_FAIL, share);\n\nif (\n smb_check_rollup(os:'6.0',\n sp:2,\n rollup_date:'12_2020',\n bulletin:bulletin,\n rollup_kb_list:[4592504, 4592498])\n)\n{\n replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_note();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, hotfix_get_audit_report());\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "kaspersky": [{"lastseen": "2023-06-06T15:22:44", "description": "### *Detect date*:\n12/08/2020\n\n### *Severity*:\nHigh\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information.\n\n### *Affected products*:\nWindows Server, version 2004 (Server Core installation) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2012 \nWindows Server 2012 R2 (Server Core installation) \nWindows Server, version 1909 (Server Core installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows Server 2016 \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 2004 for 32-bit Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 8.1 for 32-bit systems \nWindows 10 for x64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1903 for x64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 7 for x64-based Systems Service Pack 1 \nWindows RT 8.1 \nWindows 10 Version 1803 for 32-bit Systems \nWindows Server 2016 (Server Core installation) \nWindows Server 2012 (Server Core installation) \nWindows Server 2019 \nWindows 10 Version 1909 for 32-bit Systems \nWindows 8.1 for x64-based systems \nWindows 10 Version 2004 for ARM64-based Systems \nWindows 10 Version 1903 for 32-bit Systems \nWindows 10 for 32-bit Systems \nWindows 10 Version 2004 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2012 R2 \nWindows Server, version 1903 (Server Core installation) \nWindows 10 Version 1803 for ARM64-based Systems \nWindows 10 Version 1803 for x64-based Systems \nWindows Server, version 20H2 (Server Core Installation)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2020-16959](<https://nvd.nist.gov/vuln/detail/CVE-2020-16959>) \n[CVE-2020-16958](<https://nvd.nist.gov/vuln/detail/CVE-2020-16958>) \n[CVE-2020-16961](<https://nvd.nist.gov/vuln/detail/CVE-2020-16961>) \n[CVE-2020-17098](<https://nvd.nist.gov/vuln/detail/CVE-2020-17098>) \n[CVE-2020-16964](<https://nvd.nist.gov/vuln/detail/CVE-2020-16964>) \n[CVE-2020-16960](<https://nvd.nist.gov/vuln/detail/CVE-2020-16960>) \n[CVE-2020-17140](<https://nvd.nist.gov/vuln/detail/CVE-2020-17140>) \n[CVE-2020-16962](<https://nvd.nist.gov/vuln/detail/CVE-2020-16962>) \n[CVE-2020-16963](<https://nvd.nist.gov/vuln/detail/CVE-2020-16963>) \n[ADV200013](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/ADV200013>) \n\n\n### *Impacts*:\nOSI \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2020-16964](<https://vulners.com/cve/CVE-2020-16964>)7.2High \n[CVE-2020-16960](<https://vulners.com/cve/CVE-2020-16960>)7.2High \n[CVE-2020-17140](<https://vulners.com/cve/CVE-2020-17140>)4.0Warning \n[CVE-2020-16962](<https://vulners.com/cve/CVE-2020-16962>)7.2High \n[CVE-2020-16963](<https://vulners.com/cve/CVE-2020-16963>)7.2High \n[CVE-2020-16961](<https://vulners.com/cve/CVE-2020-16961>)7.2High \n[CVE-2020-17098](<https://vulners.com/cve/CVE-2020-17098>)2.1Warning \n[CVE-2020-16959](<https://vulners.com/cve/CVE-2020-16959>)7.2High \n[CVE-2020-16958](<https://vulners.com/cve/CVE-2020-16958>)7.2High\n\n### *KB list*:\n[4592504](<http://support.microsoft.com/kb/4592504>) \n[4592471](<http://support.microsoft.com/kb/4592471>) \n[4592498](<http://support.microsoft.com/kb/4592498>) \n[4592503](<http://support.microsoft.com/kb/4592503>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T00:00:00", "type": "kaspersky", "title": "KLA12025 Multiple vulnerabilities in Microsoft Products (ESU)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-17098", "CVE-2020-17140"], "modified": "2020-12-16T00:00:00", "id": "KLA12025", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12025/", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-06T15:22:45", "description": "### *Detect date*:\n12/08/2020\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code.\n\n### *Affected products*:\nWindows Server, version 2004 (Server Core installation) \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) \nWindows Server 2012 \nWindows Server 2012 R2 (Server Core installation) \nWindows Server, version 1909 (Server Core installation) \nWindows 10 Version 1607 for 32-bit Systems \nWindows Server 2016 \nWindows Server 2019 (Server Core installation) \nWindows 10 Version 20H2 for 32-bit Systems \nWindows 7 for 32-bit Systems Service Pack 1 \nWindows 10 Version 20H2 for ARM64-based Systems \nWindows 10 Version 2004 for 32-bit Systems \nWindows 10 Version 1809 for x64-based Systems \nWindows 8.1 for 32-bit systems \nWindows 10 for x64-based Systems \nWindows Server 2008 R2 for x64-based Systems Service Pack 1 \nWindows Server 2008 for 32-bit Systems Service Pack 2 \nWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 20H2 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) \nWindows 10 Version 1903 for x64-based Systems \nWindows 10 Version 1909 for x64-based Systems \nWindows 10 Version 1809 for 32-bit Systems \nWindows 10 Version 1903 for ARM64-based Systems \nWindows 10 Version 1909 for ARM64-based Systems \nWindows 10 Version 1809 for ARM64-based Systems \nWindows 10 Version 1607 for x64-based Systems \nWindows 7 for x64-based Systems Service Pack 1 \nWindows RT 8.1 \nWindows 10 Version 1803 for 32-bit Systems \nWindows Server 2016 (Server Core installation) \nWindows Server 2012 (Server Core installation) \nWindows Server 2019 \nWindows 10 Version 1909 for 32-bit Systems \nWindows 8.1 for x64-based systems \nWindows 10 Version 2004 for ARM64-based Systems \nWindows 10 Version 1903 for 32-bit Systems \nWindows 10 for 32-bit Systems \nWindows 10 Version 2004 for x64-based Systems \nWindows Server 2008 for x64-based Systems Service Pack 2 \nWindows Server 2012 R2 \nWindows Server, version 1903 (Server Core installation) \nWindows 10 Version 1803 for ARM64-based Systems \nWindows 10 Version 1803 for x64-based Systems \nWindows Server, version 20H2 (Server Core Installation)\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2020-17103](<https://nvd.nist.gov/vuln/detail/CVE-2020-17103>) \n[CVE-2020-16964](<https://nvd.nist.gov/vuln/detail/CVE-2020-16964>) \n[CVE-2020-16960](<https://nvd.nist.gov/vuln/detail/CVE-2020-16960>) \n[CVE-2020-17140](<https://nvd.nist.gov/vuln/detail/CVE-2020-17140>) \n[CVE-2020-16962](<https://nvd.nist.gov/vuln/detail/CVE-2020-16962>) \n[CVE-2020-16963](<https://nvd.nist.gov/vuln/detail/CVE-2020-16963>) \n[CVE-2020-16961](<https://nvd.nist.gov/vuln/detail/CVE-2020-16961>) \n[CVE-2020-17099](<https://nvd.nist.gov/vuln/detail/CVE-2020-17099>) \n[CVE-2020-17098](<https://nvd.nist.gov/vuln/detail/CVE-2020-17098>) \n[CVE-2020-17097](<https://nvd.nist.gov/vuln/detail/CVE-2020-17097>) \n[CVE-2020-17096](<https://nvd.nist.gov/vuln/detail/CVE-2020-17096>) \n[CVE-2020-17095](<https://nvd.nist.gov/vuln/detail/CVE-2020-17095>) \n[CVE-2020-17094](<https://nvd.nist.gov/vuln/detail/CVE-2020-17094>) \n[CVE-2020-17092](<https://nvd.nist.gov/vuln/detail/CVE-2020-17092>) \n[CVE-2020-17138](<https://nvd.nist.gov/vuln/detail/CVE-2020-17138>) \n[CVE-2020-17139](<https://nvd.nist.gov/vuln/detail/CVE-2020-17139>) \n[CVE-2020-17134](<https://nvd.nist.gov/vuln/detail/CVE-2020-17134>) \n[CVE-2020-17136](<https://nvd.nist.gov/vuln/detail/CVE-2020-17136>) \n[CVE-2020-17137](<https://nvd.nist.gov/vuln/detail/CVE-2020-17137>) \n[CVE-2020-16996](<https://nvd.nist.gov/vuln/detail/CVE-2020-16996>) \n[CVE-2020-16959](<https://nvd.nist.gov/vuln/detail/CVE-2020-16959>) \n[CVE-2020-16958](<https://nvd.nist.gov/vuln/detail/CVE-2020-16958>) \n[ADV200013](<https://portal.msrc.microsoft.com/api/security-guidance/en-US/CVE/ADV200013>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Windows](<https://threats.kaspersky.com/en/product/Microsoft-Windows/>)\n\n### *CVE-IDS*:\n[CVE-2020-17103](<https://vulners.com/cve/CVE-2020-17103>)7.2High \n[CVE-2020-16964](<https://vulners.com/cve/CVE-2020-16964>)7.2High \n[CVE-2020-16960](<https://vulners.com/cve/CVE-2020-16960>)7.2High \n[CVE-2020-17140](<https://vulners.com/cve/CVE-2020-17140>)4.0Warning \n[CVE-2020-16962](<https://vulners.com/cve/CVE-2020-16962>)7.2High \n[CVE-2020-16963](<https://vulners.com/cve/CVE-2020-16963>)7.2High \n[CVE-2020-16961](<https://vulners.com/cve/CVE-2020-16961>)7.2High \n[CVE-2020-17099](<https://vulners.com/cve/CVE-2020-17099>)4.6Warning \n[CVE-2020-17098](<https://vulners.com/cve/CVE-2020-17098>)2.1Warning \n[CVE-2020-17097](<https://vulners.com/cve/CVE-2020-17097>)4.6Warning \n[CVE-2020-17096](<https://vulners.com/cve/CVE-2020-17096>)9.0Critical \n[CVE-2020-17095](<https://vulners.com/cve/CVE-2020-17095>)9.0Critical \n[CVE-2020-17094](<https://vulners.com/cve/CVE-2020-17094>)2.1Warning \n[CVE-2020-17092](<https://vulners.com/cve/CVE-2020-17092>)7.2High \n[CVE-2020-17138](<https://vulners.com/cve/CVE-2020-17138>)2.1Warning \n[CVE-2020-17139](<https://vulners.com/cve/CVE-2020-17139>)4.6Warning \n[CVE-2020-17134](<https://vulners.com/cve/CVE-2020-17134>)4.6Warning \n[CVE-2020-17136](<https://vulners.com/cve/CVE-2020-17136>)4.6Warning \n[CVE-2020-17137](<https://vulners.com/cve/CVE-2020-17137>)4.6Warning \n[CVE-2020-16996](<https://vulners.com/cve/CVE-2020-16996>)4.0Warning \n[CVE-2020-16959](<https://vulners.com/cve/CVE-2020-16959>)7.2High \n[CVE-2020-16958](<https://vulners.com/cve/CVE-2020-16958>)7.2High\n\n### *KB list*:\n[4592449](<http://support.microsoft.com/kb/4592449>) \n[4592440](<http://support.microsoft.com/kb/4592440>) \n[4592438](<http://support.microsoft.com/kb/4592438>) \n[4592484](<http://support.microsoft.com/kb/4592484>) \n[4593226](<http://support.microsoft.com/kb/4593226>) \n[4592495](<http://support.microsoft.com/kb/4592495>) \n[4592497](<http://support.microsoft.com/kb/4592497>) \n[4592446](<http://support.microsoft.com/kb/4592446>) \n[4592464](<http://support.microsoft.com/kb/4592464>) \n[4592468](<http://support.microsoft.com/kb/4592468>) \n[5000822](<http://support.microsoft.com/kb/5000822>) \n[5000847](<http://support.microsoft.com/kb/5000847>) \n[5000808](<http://support.microsoft.com/kb/5000808>) \n[5000803](<http://support.microsoft.com/kb/5000803>) \n[5000848](<http://support.microsoft.com/kb/5000848>) \n[5000802](<http://support.microsoft.com/kb/5000802>) \n[5000853](<http://support.microsoft.com/kb/5000853>) \n[5000840](<http://support.microsoft.com/kb/5000840>)\n\n### *Microsoft official advisories*:", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-12-08T00:00:00", "type": "kaspersky", "title": "KLA12024 Multiple vulnerabilities in Microsoft Windows", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16996", "CVE-2020-17092", "CVE-2020-17094", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17103", "CVE-2020-17134", "CVE-2020-17136", "CVE-2020-17137", "CVE-2020-17138", "CVE-2020-17139", "CVE-2020-17140"], "modified": "2021-03-24T00:00:00", "id": "KLA12024", "href": "https://threats.kaspersky.com/en/vulnerability/KLA12024/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "mscve": [{"lastseen": "2023-06-14T15:26:57", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Backup Engine Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-16962", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16962", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:26:57", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Backup Engine Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-16963", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16963", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:26:58", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Backup Engine Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-16958", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16958", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:26:58", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Backup Engine Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-16961", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16961", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:26:58", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Backup Engine Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-16959", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16959", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:26:58", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Backup Engine Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-16960", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16960", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:26:57", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Backup Engine Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-16964", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16964", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:27:02", "description": "Windows Lock Screen Security Feature Bypass Vulnerability", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Lock Screen Security Feature Bypass Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17099"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17099", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17099", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-14T15:27:03", "description": "Windows Network Connections Service Elevation of Privilege Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Network Connections Service Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17092"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17092", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17092", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:26:54", "description": "Windows SMB Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows SMB Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17140", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17140", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:26:57", "description": "Kerberos Security Feature Bypass Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Kerberos Security Feature Bypass Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16996"], "modified": "2021-03-12T08:00:00", "id": "MS:CVE-2020-16996", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16996", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}, {"lastseen": "2023-06-14T15:27:02", "description": "Windows NTFS Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows NTFS Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17096"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17096", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17096", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:27:02", "description": "Windows Digital Media Receiver Elevation of Privilege Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Digital Media Receiver Elevation of Privilege Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17097"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17097", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17097", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-06-14T15:27:02", "description": "Windows GDI+ Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows GDI+ Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17098"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17098", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17098", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:27:03", "description": "Hyper-V Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Hyper-V Remote Code Execution Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17095"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17095", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17095", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}, {"lastseen": "2023-06-14T15:27:00", "description": "Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17094.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Error Reporting Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17094", "CVE-2020-17138"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17138", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17138", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-14T15:27:03", "description": "Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17138.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mscve", "title": "Windows Error Reporting Information Disclosure Vulnerability", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17094", "CVE-2020-17138"], "modified": "2020-12-08T08:00:00", "id": "MS:CVE-2020-17094", "href": "https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17094", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2023-06-06T14:30:14", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-16962", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-16962", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16962", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:x64:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:13", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-16959", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-16959", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16959", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:x64:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:13", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-16958", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-16958", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16958", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:x64:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:15", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-16964", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-16964", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16964", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:x64:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:15", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-16960", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-16960", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16960", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:x64:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:17", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-16961", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-16961", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16961", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:x64:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:15", "description": "Windows Backup Engine Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16964.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-16963", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-16963", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16963", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:x64:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:40", "description": "Windows Lock Screen Security Feature Bypass Vulnerability", "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 6.8, "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17099", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17099"], "modified": "2021-03-03T21:51:00", "cpe": ["cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-17099", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17099", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:47", "description": "Windows SMB Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17140", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_7:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1909"], "id": "CVE-2020-17140", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17140", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:arm64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x86:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x86:*"]}, {"lastseen": "2023-06-06T14:30:42", "description": "Windows NTFS Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17096", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17096"], "modified": "2021-03-04T18:26:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2020-17096", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17096", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:21", "description": "Kerberos Security Feature Bypass Vulnerability", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-16996", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16996"], "modified": "2021-03-03T21:13:00", "cpe": ["cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-16996", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16996", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:39", "description": "Windows Network Connections Service Elevation of Privilege Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17092", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17092"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2020-17092", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17092", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:39", "description": "Windows Digital Media Receiver Elevation of Privilege Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17097", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17097"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2020-17097", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17097", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:39", "description": "Windows GDI+ Information Disclosure Vulnerability", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17098", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17098"], "modified": "2021-03-03T21:07:00", "cpe": ["cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_rt_8.1:-", "cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_server_2012:r2", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_7:sp1", "cpe:/o:microsoft:windows_8.1:-", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_server_2008:-", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_server_2012:-", "cpe:/o:microsoft:windows_10:1607", "cpe:/o:microsoft:windows_server_2008:r2", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_10:1909"], "id": "CVE-2020-17098", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17098", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_7:sp1:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:40", "description": "Hyper-V Remote Code Execution Vulnerability", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17095", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17095"], "modified": "2021-03-03T21:09:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2020-17095", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17095", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:x64:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:47", "description": "Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17094.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17138", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17094", "CVE-2020-17138"], "modified": "2021-07-21T11:39:00", "cpe": ["cpe:/o:microsoft:windows_server_2016:-", "cpe:/o:microsoft:windows_10:1607"], "id": "CVE-2020-17138", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17138", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:30:39", "description": "Windows Error Reporting Information Disclosure Vulnerability This CVE ID is unique from CVE-2020-17138.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-10T00:15:00", "type": "cve", "title": "CVE-2020-17094", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17094", "CVE-2020-17138"], "modified": "2021-03-03T21:34:00", "cpe": ["cpe:/o:microsoft:windows_10:1803", "cpe:/o:microsoft:windows_server_2019:-", "cpe:/o:microsoft:windows_10:20h2", "cpe:/o:microsoft:windows_server_2016:1909", "cpe:/o:microsoft:windows_server_2016:1903", "cpe:/o:microsoft:windows_10:1909", "cpe:/o:microsoft:windows_server_2016:2004", "cpe:/o:microsoft:windows_10:2004", "cpe:/o:microsoft:windows_10:1809", "cpe:/o:microsoft:windows_10:1903", "cpe:/o:microsoft:windows_10:-", "cpe:/o:microsoft:windows_server_2016:20h2", "cpe:/o:microsoft:windows_server_2016:-"], "id": "CVE-2020-17094", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-17094", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1803:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_10:1903:*:*:*:*:*:*:*", "cpe:2.3:o:microsoft:windows_server_2016:1903:*:*:*:*:*:*:*"]}], "rapid7blog": [{"lastseen": "2020-12-12T10:47:13", "description": "![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/patches-2.jpg)\n\nWe close off our 2020 year of Patch Tuesdays with 58 vulnerabilities being addressed. While it's a higher count than our typical December months (high thirties), it's still a nice breath of fresh air given how the past year has been. We do, however, get to celebrate that none of the reported vulnerabilities covered this month has been publicly exploited nor previously publicly disclosed and only 9 of the 58 vulnerabilities have been marked as Critical by Microsoft.\n\nIn terms of actionables, standard procedures can be followed here in terms of how to prioritize which sets of patches to apply first with two exceptions.\n\n## Microsoft Office vulnerabilities\n\nA fair amount of remote code executions targeting Microsoft Excel are being patched up today and while none of them have the Preview Pane set as an attack vector, the volume of remote code execution vulnerabilities pertaining to Microsoft Office this month may suggest a slight re-jig of priorities. That's our first (minor) exception.\n\nThe next exception is likely the most notable piece behind this December 2020 Patch Tuesday: Microsoft Exchange Server.\n\n## Microsoft Exchange Server vulnerabilities\n\nWhile there are a total of six vulnerabilities from Microsoft Exchange Server this month, two of them garner a CVSS score of 9.1 ([CVE-2020-17132](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17132>), [CVE-2020-17142](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17142>)) and one is noted by Microsoft has having a higher chance of exploitability ([CVE-2020-17144](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17144>)). These three warrant an additional examination and may be grounds for prioritizing patching.\n\nThere is currently suspicion that [CVE-2020-17132](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17132>) helps address the patch bypass of [CVE-2020-16875](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-16875>) (CVSS 8.4) from September 2020. As well, both [CVE-2020-17132](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17132>) and [CVE-2020-17142](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17142>) are remote code execution vulnerabilities occurring due to improper validation of cmdlet arguments that affect all supported (as of writing) versions of Microsoft Exchange. One important note to consider is while these vulnerabilities have received a CVSS score of 9.1 and do not require additional user interaction, an attacker must be in an authenticated role in order to exploit this vulnerability.\n\nIn contrast, [CVE-2020-17144](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17144>) which is another remote code execution vulnerability also stemming from improper validation for cmdlet arguments, this one only affects Exchange Server 2010 SP3 and does require additional user interaction to successfully execute. This is extra interesting as [Microsoft Exchange Server 2010 passed end of life back on October 22, 2020](<https://techcommunity.microsoft.com/t5/exchange-team-blog/microsoft-extending-end-of-support-for-exchange-server-2010-to/ba-p/753591>). The introduction of this post-EOL patch for Microsoft Exchange Server 2010 coupled with Microsoft noting this vulnerability to be more likely exploitable does suggest prioritizing this patch a bit earlier.\n\n## New Summary Tables\n\nIn an attempt to provide a bit more summarizing tables, here are this month's patched vulnerabilities split by the product family.\n\n### Azure Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17160](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17160>) | Azure Sphere Security Feature Bypass Vulnerability | False | False | 7.4 | True \n[CVE-2020-16971](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16971>) | Azure SDK for Java Security Feature Bypass Vulnerability | False | False | 7.4 | False \n \n### Browser Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17153](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17153>) | Microsoft Edge for Android Spoofing Vulnerability | False | False | 4.3 | True \n[CVE-2020-17131](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17131>) | Chakra Scripting Engine Memory Corruption Vulnerability | False | False | 4.2 | False \n \n### Developer Tools Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17148](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17148>) | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17150](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17150>) | Visual Studio Code Remote Code Execution Vulnerability | False | False | 7.8 | False \n[CVE-2020-17156](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17156>) | Visual Studio Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17159](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17159>) | Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | False | False | 7.8 | False \n[CVE-2020-17002](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17002>) | Azure SDK for C Security Feature Bypass Vulnerability | False | False | 7.4 | False \n[CVE-2020-17135](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17135>) | Azure DevOps Server Spoofing Vulnerability | False | False | 6.4 | False \n[CVE-2020-17145](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17145>) | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | False | False | 5.4 | False \n \n### ESU Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17140](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17140>) | Windows SMB Information Disclosure Vulnerability | False | False | 8.1 | True \n[CVE-2020-16958](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16958>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16959](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16959>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16960](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16960>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16961](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16961>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16962](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16962>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16963](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16963>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-16964](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16964>) | Windows Backup Engine Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17098](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17098>) | Windows GDI+ Information Disclosure Vulnerability | False | False | 5.5 | True \n \n### Exchange Server Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17132](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17132>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 9.1 | True \n[CVE-2020-17142](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17142>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 9.1 | True \n[CVE-2020-17143](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17143>) | Microsoft Exchange Information Disclosure Vulnerability | False | False | 8.8 | True \n[CVE-2020-17141](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17141>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 8.4 | True \n[CVE-2020-17144](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17144>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 8.4 | True \n[CVE-2020-17117](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17117>) | Microsoft Exchange Remote Code Execution Vulnerability | False | False | 6.6 | False \n \n### Microsoft Dynamics Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17152](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17152>) | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | False | False | 8.8 | True \n[CVE-2020-17158](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17158>) | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | False | False | 8.8 | True \n[CVE-2020-17147](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17147>) | Dynamics CRM Webclient Cross-site Scripting Vulnerability | False | False | 8.7 | True \n[CVE-2020-17133](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17133>) | Microsoft Dynamics Business Central/NAV Information Disclosure | False | False | 6.5 | True \n \n### Microsoft Office Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17121](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17121>) | Microsoft SharePoint Remote Code Execution Vulnerability | False | False | 8.8 | True \n[CVE-2020-17118](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17118>) | Microsoft SharePoint Remote Code Execution Vulnerability | False | False | 8.1 | False \n[CVE-2020-17115](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17115>) | Microsoft SharePoint Spoofing Vulnerability | False | False | 8 | True \n[CVE-2020-17122](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17122>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17123](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17123>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17124](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17124>) | Microsoft PowerPoint Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17125](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17125>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17127](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17127>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17128](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17128>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17129](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17129>) | Microsoft Excel Remote Code Execution Vulnerability | False | False | 7.8 | True \n[CVE-2020-17089](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17089>) | Microsoft SharePoint Elevation of Privilege Vulnerability | False | False | 7.1 | False \n[CVE-2020-17119](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17119>) | Microsoft Outlook Information Disclosure Vulnerability | False | False | 6.5 | True \n[CVE-2020-17130](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17130>) | Microsoft Excel Security Feature Bypass Vulnerability | False | False | 6.5 | True \n[CVE-2020-17126](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17126>) | Microsoft Excel Information Disclosure Vulnerability | False | False | 5.5 | True \n[CVE-2020-17120](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17120>) | Microsoft SharePoint Information Disclosure Vulnerability | False | False | 5.3 | True \n \n### Windows Vulnerabilities\n\nCVE | Vulnerability Title | Exploited | Disclosed | CVSS3 | has_faq \n---|---|---|---|---|--- \n[CVE-2020-17095](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17095>) | Hyper-V Remote Code Execution Vulnerability | False | False | 8.5 | True \n[CVE-2020-17092](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17092>) | Windows Network Connections Service Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17134](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17134>) | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17136](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17136>) | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17137](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17137>) | DirectX Graphics Kernel Elevation of Privilege Vulnerability | False | False | 7.8 | False \n[CVE-2020-17139](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17139>) | Windows Overlay Filter Security Feature Bypass Vulnerability | False | False | 7.8 | False \n[CVE-2020-17096](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17096>) | Windows NTFS Remote Code Execution Vulnerability | False | False | 7.5 | True \n[CVE-2020-17103](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17103>) | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | False | False | 7 | False \n[CVE-2020-17099](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17099>) | Windows Lock Screen Security Feature Bypass Vulnerability | False | False | 6.8 | True \n[CVE-2020-16996](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16996>) | Kerberos Security Feature Bypass Vulnerability | False | False | 6.5 | True \n[CVE-2020-17094](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17094>) | Windows Error Reporting Information Disclosure Vulnerability | False | False | 5.5 | True \n[CVE-2020-17138](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17138>) | Windows Error Reporting Information Disclosure Vulnerability | False | False | 5.5 | True \n[CVE-2020-17097](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17097>) | Windows Digital Media Receiver Elevation of Privilege Vulnerability | False | False | 3.3 | False \n \n## Summary Graphs\n\n![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/output_18_2.png)![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/output_20_2.png)![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/output_25_1.png)![Patch Tuesday - December 2020](https://blog.rapid7.com/content/images/2020/12/output_26_1.png)", "cvss3": {}, "published": "2020-12-08T21:36:27", "type": "rapid7blog", "title": "Patch Tuesday - December 2020", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-16875", "CVE-2020-16958", "CVE-2020-16959", "CVE-2020-16960", "CVE-2020-16961", "CVE-2020-16962", "CVE-2020-16963", "CVE-2020-16964", "CVE-2020-16971", "CVE-2020-16996", "CVE-2020-17002", "CVE-2020-17089", "CVE-2020-17092", "CVE-2020-17094", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17097", "CVE-2020-17098", "CVE-2020-17099", "CVE-2020-17103", "CVE-2020-17115", "CVE-2020-17117", "CVE-2020-17118", "CVE-2020-17119", "CVE-2020-17120", "CVE-2020-17121", "CVE-2020-17122", "CVE-2020-17123", "CVE-2020-17124", "CVE-2020-17125", "CVE-2020-17126", "CVE-2020-17127", "CVE-2020-17128", "CVE-2020-17129", "CVE-2020-17130", "CVE-2020-17131", "CVE-2020-17132", "CVE-2020-17133", "CVE-2020-17134", "CVE-2020-17135", "CVE-2020-17136", "CVE-2020-17137", "CVE-2020-17138", "CVE-2020-17139", "CVE-2020-17140", "CVE-2020-17141", "CVE-2020-17142", "CVE-2020-17143", "CVE-2020-17144", "CVE-2020-17145", "CVE-2020-17147", "CVE-2020-17148", "CVE-2020-17150", "CVE-2020-17152", "CVE-2020-17153", "CVE-2020-17156", "CVE-2020-17158", "CVE-2020-17159", "CVE-2020-17160"], "modified": "2020-12-08T21:36:27", "id": "RAPID7BLOG:99D9180FBF3F900ADB0CDC5EF79EC080", "href": "https://blog.rapid7.com/2020/12/08/patch-tuesday-december-2020/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "mskb": [{"lastseen": "2023-06-23T19:30:35", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**UPDATED 12/8/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1803 update history home page.\n\n**NEW 12/8/20 \nIMPORTANT **Adobe Flash Player will go out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n## Highlights\n\n * Updates to improve security when using Microsoft Edge Legacy.\n * Updates to improve security when using Microsoft Office products.\n * Updates an issue that prevents the PDF24 app, version 9.1.1, from opening .txt files.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that prevents the PDF24 app, version 9.1.1, from opening .txt files.\n * Security updates to Microsoft Edge Legacy, the Microsoft Graphics Component, Windows Media, Windows Fundamentals, and Windows Virtualization.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4580398) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592446>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4592446](<https://download.microsoft.com/download/8/5/5/85523697-c83a-482e-ba5f-36ecbf32bbc5/4592446.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592446 (OS Build 17134.1902) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4592446", "href": "https://support.microsoft.com/en-us/help/4592446", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:44", "description": "None\n**NEW 12/8/20 \nIMPORTANT **Adobe Flash Player will go out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**IMPORTANT** Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4586845](<https://support.microsoft.com/help/4586845>) (released November 10, 2020) and addresses the following issues:\n\n * Addresses an issue in which PDF24 Creator version 9.1.1 cannot open .txt files.\n * Security updates to Windows Graphics, Windows Peripherals, and Windows Core Networking.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566425](<https://support.microsoft.com/help/4566425>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592484>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4592484](<https://download.microsoft.com/download/d/c/f/dcf120c1-0eb2-4b07-976d-75c1ccb3efcc/4592484.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592484 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4592484", "href": "https://support.microsoft.com/en-us/help/4592484", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:45", "description": "None\n**NEW 12/8/20 \nIMPORTANT **Adobe Flash Player will go out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**IMPORTANT** Windows 8.1 and Windows Server 2012 R2 have reached the end of mainstream support and are now in extended support. Starting in July 2020, there will no longer be optional, non-security releases (known as \"C\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 8.1 and Windows Server 2012 R2 update history [home page](<https://support.microsoft.com/help/4009470>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Security updates to Windows Graphics, Windows Peripherals, and Windows Core Networking.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before you install the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566425](<https://support.microsoft.com/help/4566425>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592495>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 8.1, Windows Server 2012 R2, Windows Embedded 8.1 Industry Enterprise, Windows Embedded 8.1 Industry Pro**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4592495](<https://download.microsoft.com/download/8/b/7/8b77686d-a973-44ac-a9c2-6befa7c874a4/4592495.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592495 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4592495", "href": "https://support.microsoft.com/en-us/help/4592495", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:46", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 SP1 and Windows Server 2008 R2 SP1 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Security updates to Windows Graphics, Windows Peripherals, Windows Storage and Filesystems, and Windows File Server and Clustering.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website. \n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the _latest_ SSU ([KB4592510](<https://support.microsoft.com/help/4592510>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).\n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592503>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4592503](<https://download.microsoft.com/download/6/a/9/6a9abff1-e04b-45dd-970c-bac930fa86f0/4592503.csv>).\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592503 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4592503", "href": "https://support.microsoft.com/en-us/help/4592503", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:44", "description": "None\n**NEW 12/8/20 \nIMPORTANT **Adobe Flash Player will go out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**IMPORTANT** Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4586834](<https://support.microsoft.com/help/4586834>) (released November 10, 2020) and addresses the following issues:\n\n * Addresses an issue in which PDF24 Creator version 9.1.1 cannot open .txt files.\n * Security updates to Windows Graphics, Windows Peripherals, and Windows Core Networking.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566426](<https://support.microsoft.com/help/4566426>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592468>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for update 4592468](<https://download.microsoft.com/download/a/9/e/a9eb1736-3a9b-47c5-a099-6c0e28deec03/4592468.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592468 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4592468", "href": "https://support.microsoft.com/en-us/help/4592468", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:47", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**NEW 12/8/20 \nIMPORTANT **Adobe Flash Player will go out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**11/19/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1607 update history home page.\n\n## Highlights\n\n * Updates to improve security when using Microsoft Office products.\n * Updates an issue that prevents the PDF24 app, version 9.1.1, from opening .txt files.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that prevents the PDF24 app, version 9.1.1, from opening .txt files.\n * Security updates to the Microsoft Graphics Component, Windows Media, Windows Fundamentals, and Windows Virtualization.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing KB4467684, the cluster service may fail to start with the error \u201c2245 (NERR_PasswordTooShort)\u201d if the group policy \u201cMinimum Password Length\u201d is configured with greater than 14 characters.| This issue is resolved in KB4601318. \n \n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4576750) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). **Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4593226>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4593226](<https://download.microsoft.com/download/b/f/9/bf9f9ea6-7185-4cfc-9628-7e549d98fd45/4593226.csv>).\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4593226 (OS Build 14393.4104) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4593226", "href": "https://support.microsoft.com/en-us/help/4593226", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:47", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\n**IMPORTANT** WSUS scan cab files will continue to be available for Windows Server 2008 SP2. If you have a subset of devices running this operating system without ESU, they might show as _non-compliant_ in your patch management and compliance toolsets.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Security updates to Windows Graphics and Windows Peripherals.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update****IMPORTANT** Customers who have purchased the [Extended Security Update (ESU)](<https://www.microsoft.com/en-us/cloud-platform/extended-security-updates>) for on-premises versions of this OS must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information on ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, we strongly recommend that you install the _latest_ SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).\n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592504>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4592504](<https://download.microsoft.com/download/4/8/3/4831732e-18bd-4b57-a883-4b87c74aecda/4592504.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592504 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17098"], "modified": "2020-12-08T08:00:00", "id": "KB4592504", "href": "https://support.microsoft.com/en-us/help/4592504", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:46", "description": "None\n**NEW 12/8/20 \nIMPORTANT **Adobe Flash Player will go out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**IMPORTANT** Windows Server 2012 has reached the end of mainstream support and is now in extended support. Starting in July 2020, there will no longer be optional releases (known as \"C\" or \"D\" releases) for this operating system. Operating systems in extended support have only cumulative monthly security updates (known as the \"B\" or Update Tuesday release).\n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2012 update history [home page](<https://support.microsoft.com/help/4009471>).\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Security updates to Windows Graphics, Windows Peripherals, and Windows Core Networking.\nFor more information about the resolved security vulnerabilities, please refer to the [Security Update Guide](<https://portal.msrc.microsoft.com/security-guidance>).\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update**We strongly recommend that you install the latest servicing stack update (SSU) for your operating system before installing the latest Rollup. SSUs improve the reliability of the update process to mitigate potential issues while installing the Rollup and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).If you use Windows Update, the latest SSU ([KB4566426](<https://support.microsoft.com/help/4566426>)) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). \n\n**REMINDER** If you are using Security-only updates, you will also need to install all previous Security-only updates and the latest cumulative update for Internet Explorer ([KB4586768](<https://support.microsoft.com/help/4586768>)).\n\n**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| No| See the other options below. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592497>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2012, Windows Embedded 8 Standard**Classification**: Security Update \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4592497](<https://download.microsoft.com/download/2/4/5/245216d1-63c7-40b2-ab27-94e0e7be4bc8/4592497.csv>).\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592497 (Security-only update)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4592497", "href": "https://support.microsoft.com/en-us/help/4592497", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:44", "description": "None\n**NEW 8/5/21 \nEXPIRATION NOTICE****IMPORTANT **As of 8/5/2021, this KB is no longer available from Windows Update, the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security quality update. \n\n**NEW 12/8/20 \nIMPORTANT **Adobe Flash Player will go out of support on December 31, 2020. For more information, see [Adobe Flash end of support on December 31, 2020](<https://docs.microsoft.com/en-us/lifecycle/announcements/adobe-flash-end-of-support#:~:text=Adobe%20will%20end%20support%20of,site%2Dby%2Dsite%20basis.>). Flash content will be blocked from running in Flash Player beginning January 12, 2021. For more information, see [Adobe Flash Player EOL General Information Page](<https://www.adobe.com/products/flashplayer/end-of-life.html>).\n\n**UPDATED 12/8/20** \nFor information about Windows update terminology, see the article about the [types of Windows updates](<https://docs.microsoft.com/en-us/troubleshoot/windows-client/deployment/standard-terminology-software-updates>) and the [monthly quality update types](<https://techcommunity.microsoft.com/t5/windows-it-pro-blog/windows-10-update-servicing-cadence/ba-p/222376>). To view other notes and messages, see the Windows 10, version 1507 update history home page.\n\n## Highlights\n\n * Updates to improve security when using Microsoft Office products.\n * Updates an issue that prevents the PDF24 app, version 9.1.1, from opening .txt files.\n\n## Improvements and fixes\n\nThis security update includes quality improvements. Key changes include:\n\n * Addresses an issue that prevents the PDF24 app, version 9.1.1, from opening .txt files.\n * Security updates to the Microsoft Graphics Component and Windows Media.\nIf you installed earlier updates, only the new fixes contained in this package will be downloaded and installed on your device.For more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n**Windows Update Improvements**Microsoft has released an update directly to the Windows Update client to improve reliability. Any device running Windows 10 configured to receive updates automatically from Windows Update, including Enterprise and Pro editions, will be offered the latest Windows 10 feature update based on device compatibility and Windows Update for Business deferral policy. This doesn't apply to long-term servicing editions.\n\n## Known issues in this update\n\nMicrosoft is not currently aware of any issues with this update.\n\n## How to get this update\n\n**Before installing this update**Microsoft strongly recommends that you install the latest servicing stack update (SSU) for your operating system before installing the latest cumulative update (LCU). SSUs improve the reliability of the update process to mitigate potential issues while installing the LCU and applying Microsoft security fixes. For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and Servicing Stack Updates (SSU): Frequently Asked Questions.If you are using Windows Update, the latest SSU (KB4565911) will be offered to you automatically. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592464>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 10**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4592464](<https://download.microsoft.com/download/6/6/5/665e19b3-ba77-4a37-aa12-0fb46cc45ced/4592464.csv>). \n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592464 (OS Build 10240.18782) - EXPIRED", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4592464", "href": "https://support.microsoft.com/en-us/help/4592464", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:44", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\nFor information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows 7 SP1 and Windows Server 2008 R2 SP1 update history [home page](<https://support.microsoft.com/help/4009469>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4586827](<https://support.microsoft.com/help/4586827>) (released November 10, 2020) and addresses the following issues:\n\n * Security updates to Windows Graphics, Windows Peripherals, Windows Storage and Filesystems, and Windows File Server and Clustering.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom **| **Workaround ** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer,\u201d and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following: \n\n * Perform the operation from a process that has administrator privilege. \n * Perform the operation from a node that doesn\u2019t have CSV ownership. \nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends. Extended support ends as follows:\n\n * For Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, extended support ends on January 14, 2020.\n * For Windows Embedded Standard 7, extended support ends on October 13, 2020.\nFor more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Note** For Windows Embedded Standard 7, Windows Management Instrumentation (WMI) must be enabled to get updates from Windows Update or Windows Server Update Services.**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The March 12, 2019 servicing stack update (SSU) ([KB4490628](<https://support.microsoft.com/help/4490628>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released September 10, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. For Windows Thin PC, you must have the August 11, 2020 SSU ([KB4570673](<https://support.microsoft.com/help/4570673>)) or a later SSU installed to make sure you continue to get the extended security updates starting with the October 13, 2020 updates.\n 4. To get this security update, you must reinstall the \"Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4538483](<https://support.microsoft.com/help/4538483>)) or the \"Update for the Extended Security Updates (ESU) Licensing Preparation Package\" ([KB4575903](<https://support.microsoft.com/help/4575903>)) even if you previously installed the ESU key. The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter you install the items above, we strongly recommend that you install the _latest_ SSU ([KB4592510](<https://support.microsoft.com/help/4592510>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592471>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1, Windows Embedded Standard 7 Service Pack 1, Windows Embedded POSReady 7, Windows Thin PC**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4592471](<https://download.microsoft.com/download/8/9/3/893b74d6-697d-4b96-ab07-845663edc238/4592471.csv>).\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592471 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T08:00:00", "id": "KB4592471", "href": "https://support.microsoft.com/en-us/help/4592471", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2023-06-23T19:30:46", "description": "None\n**IMPORTANT **Verify that you have installed the required updates listed in the **How to get this update** section _before_ installing this update. \n\nFor more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following [article](<https://support.microsoft.com/help/824684>). To view other notes and messages, see the Windows Server 2008 Service Pack 2 update history [home page](<https://support.microsoft.com/help/4343218>).\n\n## Improvements and fixes\n\nThis security update includes improvements and fixes that were a part of update [KB4586807](<https://support.microsoft.com/help/4586807>) (released November 10, 2020) and addresses the following issues:\n\n * Addresses an issue in which PDF24 Creator version 9.1.1 cannot open .txt files.\n * Security updates to Windows Graphics and Windows Peripherals.\nFor more information about the resolved security vulnerabilities, please refer to the new [Security Update Guide](<https://msrc.microsoft.com/update-guide>) website.\n\n## Known issues in this update\n\n**Symptom**| **Workaround** \n---|--- \nAfter installing this update and restarting your device, you might receive the error, \u201cFailure to configure Windows updates. Reverting Changes. Do not turn off your computer\u201d, and the update might show as **Failed** in **Update History**.| This is expected in the following circumstances:\n\n * If you are installing this update on a device that is running an edition that is not supported for ESU. For a complete list of which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).\n * If you do not have an ESU MAK add-on key installed and activated.\nIf you have purchased an ESU key and have encountered this issue, please verify you have applied all prerequisites and that your key is activated. For information on activation, please see this [blog](<https://aka.ms/Windows7ESU>) post. For information on the prerequisites, see the \"How to get this update\" section of this article. \nCertain operations, such as **rename**, that you perform on files or folders that are on a Cluster Shared Volume (CSV) may fail with the error, \u201cSTATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\u201d. This occurs when you perform the operation on a CSV owner node from a process that doesn\u2019t have administrator privilege.| Do one of the following:\n\n * Perform the operation from a process that has administrator privilege.\n * Perform the operation from a node that doesn\u2019t have CSV ownership.\nMicrosoft is working on a resolution and will provide an update in an upcoming release. \n \n## How to get this update\n\n**Before installing this update****IMPORTANT** Customers who have purchased the Extended Security Update (ESU) for on-premises versions of these operating systems must follow the procedures in [KB4522133](<https://support.microsoft.com/help/4522133>) to continue receiving security updates after extended support ends on January 14, 2020.For more information about ESU and which editions are supported, see [KB4497181](<https://support.microsoft.com/help/4497181>).**Prerequisite:**You must install the updates listed below and **_restart your device_** before installing the latest Rollup. Installing these updates improves the reliability of the update process and mitigates potential issues while installing the Rollup and applying Microsoft security fixes.\n\n 1. The April 9, 2019 servicing stack update (SSU) ([KB4493730](<https://support.microsoft.com/help/4493730>)). To get the standalone package for this SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). This update is required to install updates that are only SHA-2 signed.\n 2. The latest SHA-2 update ([KB4474419](<https://support.microsoft.com/help/4474419>)) released October 8, 2019. If you are using Windows Update, the latest SHA-2 update will be offered to you automatically. This update is required to install updates that are only SHA-2 signed. For more information on SHA-2 updates, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](<https://support.microsoft.com/help/4472027>).\n 3. The Extended Security Updates (ESU) Licensing Preparation Package ([KB4538484](<https://support.microsoft.com/help/4538484>)) or the Update for the Extended Security Updates (ESU) Licensing Preparation Package ([KB4575904](<https://support.microsoft.com/help/4575904>)). The ESU licensing preparation package will be offered to you from WSUS. To get the standalone package for ESU licensing preparation package, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>).\nAfter installing the items above, Microsoft strongly recommends that you install the _latest_ SSU ([KB4580971](<https://support.microsoft.com/help/4580971>)). If you are using Windows Update, the latest SSU will be offered to you automatically if you are an ESU customer. To get the standalone package for the latest SSU, search for it in the [Microsoft Update Catalog](<http://www.catalog.update.microsoft.com/home.aspx>). For general information about SSUs, see [Servicing stack updates](<https://docs.microsoft.com/en-us/windows/deployment/update/servicing-stack-updates>) and [Servicing Stack Updates (SSU): Frequently Asked Questions](<https://support.microsoft.com/help/4535697>).**Install this update****Release Channel**| **Available**| **Next Step** \n---|---|--- \nWindows Update and Microsoft Update| Yes| None. This update will be downloaded and installed automatically from Windows Update if you are an ESU customer. \nMicrosoft Update Catalog| Yes| To get the standalone package for this update, go to the [Microsoft Update Catalog](<https://www.catalog.update.microsoft.com/Search.aspx?q=KB4592498>) website. \nWindows Server Update Services (WSUS)| Yes| This update will automatically sync with WSUS if you configure **Products and Classifications** as follows:**Product**: Windows Server 2008 Service Pack 2**Classification**: Security Updates \n**File information**For a list of the files that are provided in this update, download the [file information for cumulative update 4592498](<https://download.microsoft.com/download/d/8/3/d8307ad9-933a-4a91-a808-6d2a1927123c/4592498.csv>).\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-08T08:00:00", "type": "mskb", "title": "December 8, 2020\u2014KB4592498 (Monthly Rollup)", "bulletinFamily": "microsoft", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17098"], "modified": "2020-12-08T08:00:00", "id": "KB4592498", "href": "https://support.microsoft.com/en-us/help/4592498", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "ibm": [{"lastseen": "2023-02-27T21:44:24", "description": "## Summary\n\nMultiple Vulnerabilities identified in MS Windows Server platforms. Information about vulnerabilities has been published in the provider security update guide. \n\n## Vulnerability Details\n\nRefer to the security bulletin(s) listed in the Remediation/Fixes section\n\n## Affected Products and Versions\n\nMain Product version (s)| Affected Supporting Product Version(s) \n---|--- \nIBM Cloud Pak System V2.3| Microsoft Windows Server 2012 Microsoft Windows Server 2016 Microsoft Windows Server 2019 \n \n\n\n## Remediation/Fixes\n\nInformation about vulnerabilities in MS Windows Server platforms has been published in the provider security updates. If you are running specific configurations, recommendation is to review your environment. Consult Security Update Guide to search for available patches corresponding to the platform in use in your environment, see [MS Security TechCenter - December 2020](<https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-16996> \"Kerberos Security Feature Bypass Vulnerability\" ). \n\n \n\n\n \n\n\n## Workarounds and Mitigations\n\nnone\n\n## ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-04-06T23:03:35", "type": "ibm", "title": "Security Bulletin: Multiple Vulnerabilities in Windows Server supporting products bundled with Cloud Pak Systems", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16996"], "modified": "2021-04-06T23:03:35", "id": "F34133DBAC4F6FEF866DB845BED95244FB18E8AD56C9EDC4C9EFFFDFD49046C8", "href": "https://www.ibm.com/support/pages/node/6440675", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "checkpoint_advisories": [{"lastseen": "2022-02-16T19:36:36", "description": "An information disclosure vulnerability has been reported in the SMBv2 component of Microsoft Windows SMB server. The vulnerability is due to improper handling of SMB2_SET_INFO messages. A remote, authenticated attacker can exploit this vulnerability by sending crafted SMBv2 messages to the target server.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-12-08T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Windows SMB Server Information Disclosure (CVE-2020-17140)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17140"], "modified": "2020-12-08T00:00:00", "id": "CPAI-2020-1272", "href": "", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:P/I:N/A:N"}}, {"lastseen": "2022-02-16T19:36:37", "description": "A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-12-08T00:00:00", "type": "checkpoint_advisories", "title": "Microsoft Windows SMB Remote Code Execution (CVE-2020-17096)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.0, "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-17096"], "modified": "2020-12-08T00:00:00", "id": "CPAI-2020-1250", "href": "", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "qualysblog": [{"lastseen": "2020-12-12T10:20:59", "description": "This month\u2019s Microsoft Patch Tuesday addresses 58 vulnerabilities with 9 of them labeled as Critical. The 9 Critical vulnerabilities cover Exchange, SharePoint, Hyper-V, Chakra Scripting, and several other workstation vulnerabilities. Adobe released patches today for Experience Manager, Prelude, Lightroom and [pre-notification security advisory for Acrobat and Reader](<https://blogs.adobe.com/psirt/?p=1957>).\n\n### Workstation Patches\n\nToday\u2019s Patch Tuesday fixes vulnerabilities that would impact workstations. The Office, Edge, Chakra vulnerabilities should be prioritized for workstation-type devices, meaning any system that is used for email or to access the internet via a browser. This includes multi-user servers that are used as remote desktops for users.\n\n### Microsoft Exchange RCE\n\nMicrosoft patched five Remote Code Execution vulnerabilities in Exchange ([CVE-2020-17141](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17141>), [](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17142>)[CVE-2020-17142](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17142>), [CVE-2020-17144,](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17144>) [CVE-2020-17117](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17117>), [CVE-2020-17132](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17132>)), which would allow an attacker to run code as system by sending a malicious email. Microsoft does rank them as \u201cExploitation Less Likely,\u201d but due to the open attack vector, these patches should be prioritized on all Exchange Servers.\n\n### SharePoint RCE\n\nMicrosoft patched two RCEs ([CVE-2020-17121](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17121>) and [CVE-2020-17118](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17118>)) in SharePoint. [CVE-2020-17121](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17121>) allows an authenticated attacker to gain access to create a site and execute code remotely within the kernel. Because of this, it is highly recommended to prioritize these patches across all SharePoint deployments.\n\n### Hyper-V RCE\n\nMicrosoft also patched an RCE vulnerability in Hyper-V ([CVE-2020-17095](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17095>)) which allows an attacker to run malicious programs on Hyper-V virtual machine to execute arbitrary code on the host system when it fails to properly validate vSMB packet data. This should be prioritized on all Hyper-V systems.\n\n### Windows NTFS RCE\n\nWhile listed as Important, there is a RCE vulnerability ([CVE-2020-17096](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17096>)) in Microsoft Windows. A local attacker could exploit this vulnerability to elevate the attacker's privileges or a remote attacker with SMBv2 access to affected system could send malicious requests over the network. \n\n### Windows Lock Screen Security Bypass\n\nAn important vulnerability is patched by Microsoft ([CVE-2020-17099](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17099>)) where an attacker with physical access to the target system could perform actions on a locked system, thereby executing code from Windows lock screen in the context of the active user session. This patch should be prioritized across all Windows devices.\n\n### Adobe\n\nAdobe issued patches today covering multiple vulnerabilities in [Adobe Experience Manager](<https://helpx.adobe.com/security/products/experience-manager/apsb20-72.html>), [Lightroom](<https://helpx.adobe.com/security/products/lightroom/apsb20-74.html>), [Prelude](<https://helpx.adobe.com/security/products/reader-mobile/apsb20-71.htmlhttps://helpx.adobe.com/security/products/prelude/apsb20-70.html>) and [Pre-notification Security Advisory for Acrobat and Reader](<https://helpx.adobe.com/security/products/acrobat/apsb20-75.html>). The patches for Experience Manager and Acrobat/Reader are labeled as [Priority 2 ](<https://helpx.adobe.com/security/severity-ratings.html>), while the remaining patches are set to [Priority 3](<https://helpx.adobe.com/security/severity-ratings.html>).\n\nWhile none of the vulnerabilities disclosed in Adobe\u2019s release are known to be Actively Attacked today, all patches should be prioritized on systems with these products installed.\n\n### About Patch Tuesday\n\nPatch Tuesday QIDs are published at [Security Alerts](<https://www.qualys.com/research/security-alerts/>), typically late in the evening of [Patch Tuesday](<https://blog.qualys.com/tag/patch-tuesday>).", "cvss3": {}, "published": "2020-12-08T20:26:44", "type": "qualysblog", "title": "December 2020 Patch Tuesday \u2013 58 Vulnerabilities, 9 Critical, Windows Exchange, Hyper-V, SharePoint, Adobe", "bulletinFamily": "blog", "cvss2": {}, "cvelist": ["CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17099", "CVE-2020-17117", "CVE-2020-17118", "CVE-2020-17121", "CVE-2020-17132", "CVE-2020-17141", "CVE-2020-17142", "CVE-2020-17144"], "modified": "2020-12-08T20:26:44", "id": "QUALYSBLOG:D6BB8795D96ECAD5C95596F19210BB13", "href": "https://blog.qualys.com/category/vulnerabilities-research", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2023-06-07T13:50:24", "description": "Kerberos Security Feature Bypass Vulnerability\n\n#### Notes\n\nAuthor| Note \n---|--- \n[mdeslaur](<https://launchpad.net/~mdeslaur>) | this is a Microsoft-specific issue\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-12-10T00:00:00", "type": "ubuntucve", "title": "CVE-2020-16996", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16996"], "modified": "2020-12-10T00:00:00", "id": "UB:CVE-2020-16996", "href": "https://ubuntu.com/security/CVE-2020-16996", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "thn": [{"lastseen": "2022-05-09T12:38:42", "description": "[![Microsoft Windows Security Update](https://thehackernews.com/images/-wZcaIEHX7Zo/X9BZDmYe2-I/AAAAAAAABMU/Pg1oyzktpWMoZFhMfp5peSGqQMfOdZQqwCLcBGAsYHQ/s728-e1000/Update-Microsoft-Windows.jpg)](<https://thehackernews.com/images/-wZcaIEHX7Zo/X9BZDmYe2-I/AAAAAAAABMU/Pg1oyzktpWMoZFhMfp5peSGqQMfOdZQqwCLcBGAsYHQ/s0/Update-Microsoft-Windows.jpg>)\n\nMicrosoft on Tuesday released fixes for 58 newly discovered security flaws spanning as many as 11 products and services as part of its final [Patch Tuesday of 2020](<https://msrc.microsoft.com/update-guide/releaseNote/2020-Dec>), effectively bringing their CVE total to 1,250 for the year.\n\nOf these 58 patches, nine are rated as Critical, 46 are rated as Important, and three are rated Moderate in severity.\n\nThe December security release addresses issues in Microsoft Windows, Edge browser, ChakraCore, Microsoft Office, Exchange Server, Azure DevOps, Microsoft Dynamics, Visual Studio, Azure SDK, and Azure Sphere.\n\nFortunately, none of these flaws this month have been reported as publicly known or being actively exploited in the wild.\n\nThe fixes for December concern a number of remote code execution (RCE) flaws in Microsoft Exchange (CVE-2020-17132), SharePoint (CVE-2020-17118 and CVE-2020-17121), Excel (CVE-2020-17123), and Hyper-V virtualization software (CVE-2020-17095), as well as a patch for a security feature bypass in Kerberos (CVE-2020-16996), and a number of privilege escalation flaws in Windows Backup Engine and Windows Cloud Files Mini Filter Driver.\n\nCVE-2020-17095 also carries the highest CVSS score of 8.5 among all vulnerabilities addressed in this month's release.\n\n\"To exploit this vulnerability, an attacker could run a specially crafted application on a Hyper-V guest that could cause the Hyper-V host operating system to execute arbitrary code when it fails to properly validate vSMB packet data,\" Microsoft [noted](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17095>).\n\nAdditionally included as part of this month's release is an [advisory](<https://msrc.microsoft.com/update-guide/en-us/vulnerability/ADV200013>) for a [DNS cache poisoning](<https://blog.cloudflare.com/sad-dns-explained/>) vulnerability (CVE-2020-25705) discovered by security researchers from Tsinghua University and the University of California last month.\n\nDubbed a Side-channel AttackeD DNS attack (or [SAD DNS attack](<https://thehackernews.com/2020/11/sad-dns-new-flaws-re-enable-dns-cache.html>)), the flaw could enable an attacker to spoof the DNS packet, which can be cached by the DNS Forwarder or the DNS Resolver, thereby re-enabling DNS cache poisoning attacks.\n\nTo mitigate the risk, Microsoft recommends a Registry workaround that involves changing the maximum UDP packet size to 1,221 bytes (4C5 Hexadecimal).\n\n\"For responses larger than 4C5 or 1221, the DNS resolver would now switch to TCP,\" the Windows maker stated in its advisory.\n\nSince the attack relies on sending spoofed UDP (User Datagram Protocol) messages to defeat source port randomization for DNS requests, implementing the tweak will cause larger DNS queries to switch to TCP, thus mitigating the flaw.\n\nIt's highly advised that Windows users and system administrators apply the latest security patches to resolve the threats associated with these issues.\n\nTo install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates.\n\n \n\n\nFound this article interesting? Follow THN on [Facebook](<https://www.facebook.com/thehackernews>), [Twitter _\uf099_](<https://twitter.com/thehackersnews>) and [LinkedIn](<https://www.linkedin.com/company/thehackernews/>) to read more exclusive content we post.\n", "cvss3": {"exploitabilityScore": 3.1, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 9.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2020-12-09T04:57:00", "type": "thn", "title": "Microsoft Releases Windows Update (Dec 2020) to Fix 58 Security Flaws", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16996", "CVE-2020-17095", "CVE-2020-17118", "CVE-2020-17121", "CVE-2020-17123", "CVE-2020-17132", "CVE-2020-25705"], "modified": "2020-12-09T04:58:40", "id": "THN:BCD236457064C9D8673B1536BE370718", "href": "https://thehackernews.com/2020/12/microsoft-releases-windows-update-dec.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2020-12-08T20:30:01", "description": "Microsoft has addressed 58 CVEs (nine of them critical) for its December 2020 Patch Tuesday update. This brings the computing giant\u2019s patch tally to 1,250 for the year \u2013 well beyond 2019\u2019s 840.\n\nThis month\u2019s security bugs affect Microsoft Windows, Edge (EdgeHTML-based), ChakraCore, Microsoft Office and Office Services and Web Apps, Exchange Server, Azure DevOps, Microsoft Dynamics, Visual Studio, Azure SDK and Azure Sphere, according to the update. None are listed as publicly known or under active attack. Also, no vulnerability was assigned a CVSSv3 severity score of 9.0 or higher.\n\n## **Critical Bug Breakdown**\n\nThree of the critical flaws are found in Microsoft Exchange (CVE-2020-17117, CVE-2020-17132 and CVE-2020-17142), all allowing remote code execution (RCE). [One of these](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17132>) occurs due to improper validation of cmdlet arguments, according to Microsoft, which doesn\u2019t provide an attack scenario but does note that the attacker needs be authenticated with privileges.\n\n\u201cThis indicates that if you take over someone\u2019s mailbox, you can take over the entire Exchange server,\u201d according to Dustin Childs at Trend Micro\u2019s Zero Day Initiative (ZDI), writing in a [Tuesday analysis](<https://www.zerodayinitiative.com/blog/2020/12/8/the-december-2020-security-update-review>). \u201cWith all of the other Exchange bugs, definitely prioritize your Exchange test and deployment.\u201d\n\n[![](https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg)](<https://threatpost.com/newsletter-sign/>)\n\nAlso on the Exchange front, [CVE-2020-17132](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17132>) addresses a patch bypass for CVE-2020-16875, which was reported and patched in September\u2019s Patch Tuesday release. While not critical, it\u2019s of note, Childs said.\n\nChilds also flagged [CVE-2020-17121](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17121>), one of two critical RCE bugs in Microsoft SharePoint (the other is [CVE-2020-17118](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17118>)). Originally reported through ZDI program, the bug could allow an authenticated user to execute arbitrary .NET code on an affected server in the context of the SharePoint Web Application service account.\n\n\u201cIn its default configuration, authenticated SharePoint users are able to create sites that provide all of the necessary permissions that are prerequisites for launching an attack,\u201d Childs explained. \u201cSimilar bugs [patched earlier this year](<https://threatpost.com/microsofts-patch-tuesday-critical-rce-bugs/159044/>) received quite a bit of attention. We suspect this one will, too.\u201d\n\nIn fact, the Sharepoint CVEs should take patching priority, Immersive Labs\u2019 Kevin Breen, director of cyberthreat research, said via email. \u201cBoth are rated as critical as they have RCE, and Sharepoint can be used like a watering hole inside large organizations by an attacker,\u201d he said. \u201cAll it takes is for a few weaponized documents to be placed for malicious code to spread across an organization.\u201d\n\nAnother critical bug of note is tracked as [CVE-2020-17095](<https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-17095>), a Hyper-V RCE vulnerability that allows an attacker to escalate privileges from code execution in a Hyper-V guest to code execution on the Hyper-V host by passing invalid vSMB packet data. The flaw carries the highest CVSS score in the update, coming in at 8.5, since no special permissions are needed to exploit it.\n\n\u201cTo exploit this vulnerability, an adversary could run a custom application on a Hyper-V guest that would cause the Hyper-V host operating system to allow arbitrary code execution when it fails to properly validate vSMB packet data,\u201d explained Automox researcher Jay Goodman, via email. \u201cThe vulnerability is present on most builds of Windows 10 and Windows Server 2004 and forward.\u201d\n\nTwo post-authentication RCE flaws in Microsoft Dynamics 365 for Finance and Operations (on-premises) ([CVE-2020-17158](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17158>) and [CVE-2020-17152](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17152>)) round out the critical patches, along with a memory-corruption issue in the Chakra Scripting Engine, which impacts the Edge browser ([CVE-2020-17131](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17131>)).\n\n\u201cOnly one [of the critical-rated updates] (surprisingly) impacts the browser,\u201d Childs said. \u201cThat patch corrects a bug within the JIT compiler. By performing actions in JavaScript, an attacker can trigger a memory-corruption condition, which leads to code execution. The lack of browser updates could also be a conscious decision by Microsoft to ensure a bad patch for a browser does not disrupt online shopping during the holiday season.\u201d\n\nThough it\u2019s a lighter than usual month for the volume of patches, the steady flow of critical RCE bugs present a great deal of risk, said Justin Knapp, researcher at Automox, via email.\n\n\u201cInstead of having to manipulate a user to click a malicious link or attachment, bad actors merely have to target an unpatched system to gain initial access, at which point a number of methods can be employed to increase access to valuable assets,\u201d he said, referring to this month\u2019s critical RCE problems. \u201cIt goes without saying that the speed at which an organization can deploy these fixes will dictate the level of risk they take on.\u201d\n\n## **Other Bugs, Patching **\n\nIn addition to the critical bugs, a full 46 of the bugs are rated as important, and three are rated moderate in severity. The important bugs include 10 Office issues bugs impacting Outlook, PowerPoint and Excel \u2014 for these, Office 2019 versions for Mac do not have patches yet.\n\n\u201cThis is a book-end to a year that began with Microsoft addressing 49 CVEs in January of 2020, followed by eight consecutive months with over 90 CVEs addressed. In 2020, Microsoft released patches for over 1,200 CVEs,\u201d Satnam Narang, principal research engineer, Tenable, told Threatpost.\n\nPatching may be more difficult than ever going forward. \u201cOne of the things that stands out is that Microsoft has removed a lot of the detail they usually share with such advisories,\u201d Breen said. \u201cFor me, this could lead to some issues. Patching is not as easy as just clicking an update button and security teams like to gain a deeper understanding of what they are doing. Instead, however, they are expected to operate with less information.\u201d\n\nElsewhere, [Adobe issued patches](<https://threatpost.com/adobe-windows-macos-critical-severity-flaws/162007/>) for flaws tied to one important-rated and three critical-severity CVEs, during its regularly scheduled December security updates.\n\n\u201cWhile lighter than usual, the most severe allow for arbitrary code execution including three critical severity CVEs and one less severe (important-rated) flaw identified,\u201d Nick Colyer, researcher from Automox said. \u201cThe holidays present unique challenges to security teams\u2019 upcoming out-of-office time and the severity of the vulnerabilities Adobe has addressed are non-trivial against those challenges. It is important to prioritize any major vulnerabilities during holidays to reduce the threat surface exposed to would-be attackers.\u201d\n\n**_Put Ransomware on the Run: Save your spot for \u201cWhat\u2019s Next for Ransomware,\u201d a _**[**_FREE Threatpost webinar_**](<https://threatpost.com/webinars/whats-next-for-ransomware/?utm_source=ART&utm_medium=ART&utm_campaign=Dec_webinar>)**_ on Dec. 16 at 2 p.m. ET. Find out what\u2019s coming in the ransomware world and how to fight back. _**\n\n**_Get the latest from John (Austin) Merritt, Cyber Threat Intelligence Analyst at Digital Shadows; Limor Kessem, Executive Security Advisor, IBM Security; and Israel Barak, CISO at Cybereason, on new kinds of attacks. Topics will include the most dangerous ransomware threat actors, their evolving TTPs and what your organization needs to do to get ahead of the next, inevitable ransomware attack. _**[**_Register here_**](<https://threatpost.com/webinars/whats-next-for-ransomware/?utm_source=ART&utm_medium=ART&utm_campaign=Dec_webinar>)**_ for the Wed., Dec. 16 for this LIVE webinar._**\n\n**BONUS CONTENT: Download our exclusive **[**FREE Threatpost Insider eBook,**](<https://threatpost.com/ebooks/healthcare-security-woes-balloon-in-a-covid-era-world/?utm_source=FEATURE&utm_medium=FEATURE&utm_campaign=Nov_eBook>) [_**Healthcare Security Woes Balloon in a Covid-Era World**_](<https://threatpost.com/ebooks/healthcare-security-woes-balloon-in-a-covid-era-world/?utm_source=ART&utm_medium=ART&utm_campaign=Nov_eBook>)**, sponsored by ZeroNorth.**\n", "cvss3": {}, "published": "2020-12-08T20:23:30", "type": "threatpost", "title": "Microsoft Wraps Up a Lighter Patch Tuesday for the Holidays", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2020-16875", "CVE-2020-17095", "CVE-2020-17117", "CVE-2020-17118", "CVE-2020-17121", "CVE-2020-17131", "CVE-2020-17132", "CVE-2020-17142", "CVE-2020-17152", "CVE-2020-17158"], "modified": "2020-12-08T20:23:30", "id": "THREATPOST:02914A68EEB34D94544D5D00BF463BAC", "href": "https://threatpost.com/microsoft-patch-tuesday-holidays/162041/", "cvss": {"score": 9.0, "vector": "AV:N/AC:L/Au:S/C:C/I:C/A:C"}}], "avleonov": [{"lastseen": "2021-01-30T22:26:39", "description": "In this episode I would like to make a status update of my [Vulristics project](<https://github.com/leonov-av/vulristics>). For those who don't know, in this project I retrieve publicly available vulnerability data and analyze it to better understand the severity of these vulnerabilities and better prioritize them. Currently, it is mainly about Microsoft Patch Tuesday vulnerabilities, but I have plans to go further. Also in this episode I want to demonstrate the new Vulristics features on Microsoft Patch Tuesday reports for October, November and December 2020.\n\n![Vulristics Vulnerability Scores, automated data collection and Microsoft Patch Tuesday Q4 2020](https://avleonov.com/wp-content/uploads/2021/01/bitmap.png)\n\n## Patch Tuesdays Automated Data Collection\n\nFirst of all, I dealt with the annoying collecting of the data for Microsoft Patch Tuesdays reports. Previously it took pretty long time. I had to go to Microsoft website and [search for CVE IDs](<https://msrc.microsoft.com/update-guide/vulnerability>). After that, I had to get the comments from various Vulnerability Management vendors and researchers blogs (Tenable, Qualys, Rapid7, ZDI). I wanted this to be as much automated as possible. I have added some code to make CVE search requests on the Microsoft website for a date range (including the second Tuesday of the month). I also figured out how to make searches on the Vulnerability Management vendors blogs. So, now to get a Microsoft Patch Tuesday report it's only necessary to set the year and month. \n\nSimple like this:\n \n \n import functions_report_ms_patch_tuesday_\n \n _functions_report_ms_patch_tuesday.make_ms_patch_tuesday_report(year=**\"2020\"**, month=**\"December\"**, rewrite_flag=True)\n\n## Vulristics Vulnerability Scoring (VVS)\n\nI decided that CVSS is not suitable for evaluating, sorting and comparing vulnerabilities. I needed something to automatically process hundreds vulnerabilities every month and to highlight the most critical ones. Finally, I decided to make my own scoring - Vulristics Vulnerability Scoring (VVS). \n\nDo you know the perfect formula for counting vulnerability criticality? Well, I don't. ![\ud83d\ude42](https://s.w.org/images/core/emoji/13.0.1/72x72/1f642.png) Any scoring that I can make will be subjective and will probably change over time. But at least I can make it transparent and easily changeable, so that everyone can make their own vulnerability scoring most appropriate for a particular organization.\n\nSuch scoring should consider \n\n * CVSS Base score \n * existence of the exploit\n * exploitability of the vulnerability in the wild\n * popularity of the vulnerable software \n * type of the vulnerability\n\nExamples: \n\n2\\. ![]( http://www.avleonov.com/vulnicons/eop.png) **Elevation of Privilege** - Windows Kernel Local ([CVE-2020-17087](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17087>)) - Critical [628] \ncomponent| value| weight| comment \n---|---|---|--- \nExploited in the Wild| 1.0| 18| Exploitation in the wild is mentioned at Vulners ([AttackerKB](<https://vulners.com/attackerkb/AKB:B72B19ED-8E0B-4C11-9C2D-95A25BCC42A6>) object), [AttackerKB](<https://attackerkb.com/topics/y8mmBHc710/cve-2020-17087-windows-kernel-local-privilege-escalation-0day>), [Microsoft](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2020-17087>) \nPublic Exploit Exists| 0| 17| Public exploit is NOT found at Vulners website \nCriticality of Vulnerability Type| 0.5| 15| Elevation of Privilege \nVulnerable Product is Common| 1.0| 14| Windows component \nCVSS Base Score| 0.7| 10| NVD Vulnerability Severity Rating is High \n3\\. ![]( http://www.avleonov.com/vulnicons/eop.png) **Elevation of Privilege** - Windows Print Spooler ([CVE-2020-17001](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17001>)) - Critical [614] \ncomponent| value| weight| comment \n---|---|---|--- \nExploited in the Wild| 0| 18| Exploitation in the wild is NOT found at Vulners, Microsoft and AttackerKB websites \nPublic Exploit Exists| 1.0| 17| Public exploit is found at Vulners ([Microsoft Windows Local Spooler Bypass](<https://vulners.com/PACKETSTORM/PACKETSTORM:160028>)) \nCriticality of Vulnerability Type| 0.5| 15| Elevation of Privilege \nVulnerable Product is Common| 1.0| 14| Windows component \nCVSS Base Score| 0.7| 10| NVD Vulnerability Severity Rating is High \n \n### Exploitablity in The Wild and Vulners\n\nThe really interesting thing was to detect if the vulnerability is being exploited in real attacks. I made a post in my telegram channel asking for ideas. We can't use Microsoft data directly because they do not update it after the initial vulnerability release. Other good sources are [AttackerKB by Rapid7](<https://attackerkb.com/>) and [US-CERT Bulletins](<https://us-cert.cisa.gov/ncas/current-activity/2020/10/29/microsoft-warns-continued-exploitation-cve-2020-1472>). \n\nI asked my friends from the Vulners team to add this feature and now you can [search for CVEs exploited in the wild](<https://vulners.com/search?query=enchantments.exploitation.wildExploited:true>) based on data from AttackerKB and US-CERT. \n\n![Vulners: Search for CVEs exploited in the wild](https://avleonov.com/wp-content/uploads/2020/12/InTheWild_vulners.png)\n\nAnd also this data is available in JSON format for the vulnerability:\n \n \n ... \n \"exploitation\": {\n \"wildExploited\": true,\n \"wildExploitedSources\": [\n {\n \"type\": \"cisa\",\n \"idList\": [\n \"CISA:2B970469D89016F563E142BE209443D8\",\n \"CISA:61F2653EF56231DB3AEC3A9E938133FE\",\n \"CISA:990FCFCEB1D9B60F5FAA47A1F537A3CB\"\n ]\n },\n {\n \"type\": \"attackerkb\",\n \"idList\": [\n \"AKB:7C5703D3-9E18-4F5C-A4D2-25E1F09B43CB\"\n ]\n }\n ],\n \"modified\": \"2020-12-25T13:57:26\"\n },\n ... \n \n\nI also added direct AttackerKB processing to Vulristics and some code to filter out false positives in "Exploitablity in The Wild".\n\n### VM Vendor's Comments \n\nWhat about VM Vendor's Comments? Firstly I thought that the existence of the comment from the vendor should be taken into consideration when counting the vulnerability score. But then I decided that it's a bad practice because the vendors are not who makes the criticality but they help you to test your scoring.\n\nFor example, if your score shows that some vulnerability is critical and vulnerability management vendors don't mention it, this means that your scoring has some flaws or the experts of VM vendor don't understand something. \n\n## Microsoft Patch Tuesdays Q4 2020\n\nNow let's take a look on the Vulrisctics Microsoft Patch Tuesday reports for October, November and December 2020.\n\n### October 2020\n\n * All vulnerabilities: 87\n * Urgent: 0\n * Critical: 2\n * High: 20\n * Medium: 63\n * Low: 2\n\nIt has been an interesting month. \n\nMost of the VM vendors and researchers focused on "**Remote Code Execution** - Windows TCP/IP ([CVE-2020-16898](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16898>)) - High [500]", dubbed "Bad Neighbor". It affects all supported versions of Windows OS, and maybe unsupported/earlier versions of Windows as well. Tenable wrote: "According to a blog post from McAfee, Microsoft Active Protections Program (MAPP) members were provided with a test script that successfully demonstrates exploitation of this vulnerability to cause a denial of service (DoS). While the test scenario does not provide the ability to pivot to RCE, an attacker could craft a wormable exploit to achieve RCE. While an additional bug would be required to craft an exploit, it is likely that we will see proof-of-concept (PoC) code released in the near future." However, there has been no news since October.\n\nBut there is a more critical vulnerability with a public exploit "**Remote Code Execution** - Microsoft SharePoint ([CVE-2020-16952](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952>)) - Critical [640]". It was mentioned by all vendors, but without much emphasis.\n\nAnd the second critical vulnerability is "**Elevation of Privilege** - Windows COM Server ([CVE-2020-16916](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16916>)) - Critical [628]" for which there is a flag of exploitation in the wild in AttackerKB. How much can you believe it? Well AttackerKB is a crowdsourcing platform, so possibly it can be fake.\n\nFor many other vulnerabilities (including 19 RCEs), there are no exploits or signs of exploitation in the wild. Among them, much attention has been paid to RCE in Microsoft Outlook ([CVE-2020-16947](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16947>)). A quote from Tenable: "Because Outlook\u2019s Preview Pane is affected by this flaw, a user does not have to open the message in order for the vulnerability to be exploited. As Outlook is widely used for enterprise email, we highly recommend prioritizing the patching of this CVE."\n\n### November 2020\n\n * All vulnerabilities: 112\n * Urgent: 0\n * Critical: 3\n * High: 17\n * Medium: 90\n * Low: 2\n\n2 vulnerabilities were critical because there is information about them that they are Exploited in the wild. \n\nAll VM vendors initially did not notice "**Security Feature Bypass** - Kerberos KDC ([CVE-2020-17049](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17049>)) - Critical [709]", only ZDI wrote that they don't understand what it is: "What security feature in Kerberos is being bypassed? What is the likelihood?". But then a post appeared with a [detailed description of the exploitation](<https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-attack/>). \n\nThe second critical is "**Elevation of Privilege** - Windows Kernel Local ([CVE-2020-17087](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17087>)) - Critical [628]". It was used to escape Google Chrome\u2019s sandbox in order to elevate privileges on the exploited system.\n\nThe third critical vulnerability "**Elevation of Privilege** - Windows Print Spooler ([CVE-2020-17001](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17001>)) - Critical [614]" has a public exploit at Vulners ([Microsoft Windows Local Spooler Bypass](<https://vulners.com/PACKETSTORM/160028>)) \n\nMost of the comments this month were about "**Remote Code Execution** - Windows Network File System ([CVE-2020-17051](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17051>)) - High [513]". A quote from Tenable: "In a blog post by McAfee, there is speculation about combining **CVE-2020-17051** with CVE-2020-17056, a remote kernel data read vulnerability in NFS, in order to bypass address space layout randomization (ASLR), which could increase the probability of a remote exploit". But in fact, we did not see any attacks or exploits for this vulnerability.\n\nAlso worth mentioning RCEs in\n\n * Microsoft Exchange Server ([CVE-2020-17083](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17083>), [CVE-2020-17084](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17084>))\n * Windows Print Spooler ([CVE-2020-17042](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17042>))\n * Microsoft Excel ([CVE-2020-17019](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17019>), [CVE-2020-17064](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17064>), [CVE-2020-17065](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17065>), [CVE-2020-17066](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17066>))\n * Microsoft SharePoint ([CVE-2020-17061](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17061>))\n * Microsoft Teams ([CVE-2020-17091](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17091>))\n\nBut we did not see any attacks or exploits for them either.\n\n### December 2020\n\n * All vulnerabilities: 58\n * Urgent: 0\n * Critical: 1\n * High: 23\n * Medium: 30\n * Low: 4\n\nThere were no vulnerabilities with exploits. \n\nThe critical is only "**Remote Code Execution** - Microsoft Exchange ([CVE-2020-17144](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17144>)) - Critical [705]", because of AttackerKB. How realistic is this? You know, crowdsourcing. Rapid7: **CVE-2020-17144** which is another remote code execution vulnerability also stemming from improper validation for cmdlet arguments, this one only affects Exchange Server 2010 SP3 and does require additional user interaction to successfully execute". Besides this, there were many other Microsoft Exchange RCEs ([CVE-2020-17117](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17117>), [CVE-2020-17132](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17132>), [CVE-2020-17141](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17141>), [CVE-2020-17142](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17142>)).\n\nOther RCEs worth mentioning were in:\n\n * Windows NTFS ([CVE-2020-17096](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17096>)). Tenable: "An RCE in Windows NT File System (NTFS), the file system used in Microsoft Windows and Microsoft Windows Server. No user interaction is required to exploit this vulnerability. Depending on the attacker\u2019s position, there are a few avenues for exploitation. For an attacker that has already established a local position on the vulnerable system, executing a malicious application that exploits the flaw would result in an elevation of privileges. Alternatively, a remote attacker could exploit the flaw by sending malicious requests to a vulnerable system, so long as they could access it over the Server Message Block version 2 protocol (SMBv2). Successful exploitation in this context would grant the attacker arbitrary code execution".\n * Hyper-V ([CVE-2020-17095](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17095>))\n * Microsoft SharePoint ([CVE-2020-17118](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17118>), [CVE-2020-17121](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17121>))\n * Microsoft Excel ([CVE-2020-17122](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17122>), [CVE-2020-17123](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17123>), [CVE-2020-17125](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17125>), [CVE-2020-17127](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17127>), [CVE-2020-17128](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17128>), [CVE-2020-17129](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17129>))\n\nThank you, I will be glad to know your opinion about Vulristics and how it can be further improved. Write to <https://t.me/avleonovchat>.\n\nFull reports are available here:\n\n * [October 2020](<http://avleonov.com/vulristics_reports/october2020_report_avleonov_comments.html>)\n * [November 2020](<http://avleonov.com/vulristics_reports/november2020_report_avleonov_comments.html>)\n * [December 2020](<http://avleonov.com/vulristics_reports/december2020_report_avleonov_comments.html>)\n![](http://feeds.feedburner.com/~r/avleonov/~4/mC48TITxRfM)", "edition": 2, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-01-11T01:50:44", "type": "avleonov", "title": "Vulristics Vulnerability Score, Automated Data Collection and Microsoft Patch Tuesdays Q4 2020", "bulletinFamily": "blog", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-1472", "CVE-2020-16898", "CVE-2020-16916", "CVE-2020-16947", "CVE-2020-16952", "CVE-2020-17001", "CVE-2020-17019", "CVE-2020-17042", "CVE-2020-17049", "CVE-2020-17051", "CVE-2020-17056", "CVE-2020-17061", "CVE-2020-17064", "CVE-2020-17065", "CVE-2020-17066", "CVE-2020-17083", "CVE-2020-17084", "CVE-2020-17087", "CVE-2020-17091", "CVE-2020-17095", "CVE-2020-17096", "CVE-2020-17117", "CVE-2020-17118", "CVE-2020-17121", "CVE-2020-17122", "CVE-2020-17123", "CVE-2020-17125", "CVE-2020-17127", "CVE-2020-17128", "CVE-2020-17129", "CVE-2020-17132", "CVE-2020-17141", "CVE-2020-17142", "CVE-2020-17144"], "modified": "2021-01-11T01:50:44", "id": "AVLEONOV:28E47C69DA4A069031694EB4C2C931BA", "href": "http://feedproxy.google.com/~r/avleonov/~3/mC48TITxRfM/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}