43 matches found
CVE-2019-1337
An information disclosure vulnerability exists when Windows Update Client fails to properly handle objects in memory, aka 'Windows Update Client Information Disclosure Vulnerability'...
CVE-2019-1323
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1336...
North Korean Hackers Using Windows Update Service to Infect PCs with Malware
The notorious Lazarus Group actor has been observed mounting a new campaign that makes use of the Windows Update service to execute its malicious payload, expanding the arsenal of living-off-the-land LotL techniques leveraged by the APT group to further its objectives. The Lazarus Group, also kno...
Privilege escalation
Microsoft Windows Update Client Elevation of Privilege Vulnerability...
September 14, 2021—KB5005566 (OS Build 18363.1801)
September 14, 2021—KB5005566 OS Build 18363.1801 EXPIRATION NOTICE As of 9/12/2023, KB5005566 is only available from Windows Update. This update is no longer available from the Microsoft Update Catalog, or other release channels. We recommend that you update your devices to the latest security...
December 8, 2020—KB4592473 (OS Build 15063.2584)
December 8, 2020—KB4592473 OS Build 15063.2584 Current status of Windows 10, version 1703 Surface Hub devices remain in support. Starting on November 12, 2019, updates for Windows 10, version 1703 will be available only for Surface Hub devices. Update information and Surface Hub known issues will...
October 13, 2020—KB4580370 (OS Build 15063.2525)
October 13, 2020—KB4580370 OS Build 15063.2525 NEW IMPORTANT Release notes are changing! To learn about the new URL, metadata updates, and more, see What’s next for Windows release notes. Current status of Windows 10, version 1703 Windows 10, version 1703 has reached end of service for all...
August 11, 2020—KB4571692 (OS Build 10240.18666)
August 11, 2020—KB4571692 OS Build 10240.18666 For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. IMPORTANT Starting in July 2020, all Windows Updates will disable the RemoteFX vGPU featu...
Microsoft Windows Update Client Privilege Vulnerability
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, U.S.A. Microsoft Windows is an operating system for personal devices.Microsoft Windows Server is a server operating system. Windows Update Client is one of the Windows system update clients. An elevation of...
CVE-2020-1014
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'...
KLA11743 Multiple vulnerabilities in Microsoft products (ESU)
Multiple vulnerabilities were found in Microsoft products Extended Support Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service. Below is a complete list of vulnerabilities: 1. A memory corrupti...
KB4550957: Windows Server 2008 April 2020 Security Update
The remote Windows host is missing security update 4550957 or cumulative update 4550951. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker...
March 30, 2020—KB4554354 (OS Build 17763.1132)
March 30, 2020—KB4554354 OS Build 17763.1132 For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. Highlights Updates an issue that might display the wrong internet connection status for...
CVE-2019-1323
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges, aka 'Microsoft Windows Update Client Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1336...
Information disclosure
An information disclosure vulnerability exists when Windows Update Client fails to properly handle objects in memory, aka 'Windows Update Client Information Disclosure Vulnerability'...
CVE-2019-1337
An information disclosure vulnerability exists when Windows Update Client fails to properly handle objects in memory, aka 'Windows Update Client Information Disclosure Vulnerability'...
CVE-2019-1337
The CVE-2019-1337 entry describes an information disclosure vulnerability in the Windows Update Client where memory objects are mishandled. Affected component: Windows Update Client. Root cause: improper handling of in-memory objects leading to potential memory contents disclosure. Exploitation d...
Microsoft Windows Multiple Vulnerabilities (KB4519338)
This host is missing a critical security update according to Microsoft KB4519338 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...
Microsoft Windows Update Client Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in the Microsoft Windows Update Client when it does not properly handle privileges. An attacker who successfully exploited this vulnerability could run processes in an elevated context. An attacker could then install programs; view, change or delete...
PT-2019-3541 · Microsoft · Windows Update Client +1
Name of the Vulnerable Software and Affected Versions: Windows Update Client affected versions not specified Description: An information disclosure issue exists due to the Windows Update Client's improper handling of objects in memory. This could allow an attacker to gain unauthorized access to...