http://packetstormsecurity.com/files/160698/Microsoft-Windows-splWOW64-Privilege-Escalation.html

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0986

The remote Windows host is missing security update 4561673 or cumulative update 4561666. It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in the     way that the wlansvc.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1270)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2020-1348)

  - A remote code execution vulnerability exists when     Microsoft Windows OLE fails to properly validate user     input. An attacker could exploit the vulnerability to     execute malicious code.  (CVE-2020-1281)

  - An elevation of privilege vulnerability exists when the     Windows Background Intelligent Transfer Service (BITS)     IIS module improperly handles uploaded content. An     attacker who successfully exploited this vulnerability     could upload restricted file types to an IIS-hosted     folder.  (CVE-2020-1255)

  - An elevation of privilege vulnerability exists in the     way that the Windows Network Connections Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1291)

  - An elevation of privilege vulnerability exists in     Windows Installer because of the way Windows Installer     handles certain filesystem operations.  (CVE-2020-1302)

  - An elevation of privilege vulnerability exists in     Windows Text Service Framework (TSF) when the TSF server     fails to properly handle messages sent from TSF clients.
    An attacker who successfully exploited this     vulnerability could run arbitrary code in a privileged     process. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2020-1314)

  - An elevation of privilege vulnerability exists in the     Windows Installer when the Windows Installer fails to     properly sanitize input leading to an insecure library     loading behavior. A locally authenticated attacker could     run arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights. The security update addresses the vulnerability     by correcting the input sanitization error to preclude     unintended elevation. (CVE-2020-1272)

  - An information disclosure vulnerability exists when     Internet Explorer improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1315)

  - A remote code execution vulnerability exists in     Microsoft Windows that could allow remote code execution     if a .LNK file is processed. An attacker who     successfully exploited this vulnerability could gain the     same user rights as the local user.  (CVE-2020-1299)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2020-0986, CVE-2020-1246, CVE-2020-1262,     CVE-2020-1269)

  - A remote code execution vulnerability exists when     Microsoft Windows fails to properly handle cabinet     files.  (CVE-2020-1300)

  - A denial of service vulnerability exists when Windows     Registry improperly handles filesystem operations. An     attacker who successfully exploited the vulnerability     could cause a denial of service against a system.
    (CVE-2020-1194)

  - A remote code execution vulnerability exists in the way     that the VBScript engine handles objects in memory. The     vulnerability could corrupt memory in such a way that an     attacker could execute arbitrary code in the context of     the current user. An attacker who successfully exploited     the vulnerability could gain the same user rights as the     current user.  (CVE-2020-1213, CVE-2020-1214,     CVE-2020-1215, CVE-2020-1216, CVE-2020-1230,     CVE-2020-1260)

  - A remote code execution vulnerability exists in the way     that Microsoft browsers access objects in memory. The     vulnerability could corrupt memory in a way that could     allow an attacker to execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1219)

  - An elevation of privilege vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in an elevated context. An     attacker could exploit this vulnerability by running a     specially crafted application on the victim system. The     update addresses the vulnerability by correcting the way     the Windows Runtime handles objects in memory.
    (CVE-2020-1231, CVE-2020-1282, CVE-2020-1334)

  - An information disclosure vulnerability exists in the     way Windows Error Reporting (WER) handles objects in     memory. An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1263)

  - An information disclosure vulnerability exists when the     Microsoft Windows Graphics Component improperly handles     objects in memory. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2020-1160)

  - An elevation of privilege vulnerability exists in the     way that the Windows WalletService handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1287)

  - A remote code execution vulnerability exists in the way     that the Microsoft Server Message Block 1.0 (SMBv1)     server handles certain requests. An attacker who     successfully exploited the vulnerability could gain the     ability to execute code on the target server.
    (CVE-2020-1301)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2020-1239)

  - An elevation of privilege vulnerability exists when an     OLE Automation component improperly handles memory.
    (CVE-2020-1212)

  - An elevation of privilege vulnerability exists when     Group Policy improperly checks access. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2020-1317)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-1208, CVE-2020-1236)

  - An elevation of privilege vulnerability exists in the     way that the printconfig.dll handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1196)

  - An elevation of privilege vulnerability exists in the     way that the Windows Graphics Device Interface (GDI)     handles objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2020-0915, CVE-2020-0916)

  - An elevation of privilege vulnerability exists when     Windows Modules Installer Service improperly handles     class object members. A locally authenticated attacker     could run arbitrary code with elevated system     privileges. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights. The update addresses the     vulnerability by correcting how Windows handles calls to     preclude unintended elevation. (CVE-2020-1254)

  - An elevation of privilege vulnerability exists when     Component Object Model (COM) client uses special case     IIDs. An attacker who successfully exploited this     vulnerability could run arbitrary code with elevated     system privileges. An attacker could then install     programs; view, change, or delete data; or create new     accounts with full user rights.  (CVE-2020-1311)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2020-1207, CVE-2020-1247, CVE-2020-1251,     CVE-2020-1253, CVE-2020-1310)

  - A spoofing vulnerability exists when theMicrosoft Edge     (Chromium-based) in IE Mode improperly handles specific     redirects. An attacker who successfully exploits the IE     Mode vulnerability could trick a user into believing     that the user was on a legitimate website. The specially     crafted website could either spoof content or serve as a     pivot to chain an attack with other vulnerabilities in     web services.  (CVE-2020-1220)

The remote Windows host is missing security update 4561649.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in the     way that the printconfig.dll handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1196)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2020-1348)

  - An elevation of privilege vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in an elevated context. An     attacker could exploit this vulnerability by running a     specially crafted application on the victim system. The     update addresses the vulnerability by correcting the way     the Windows Runtime handles objects in memory.
    (CVE-2020-1231, CVE-2020-1282, CVE-2020-1304,     CVE-2020-1334)

  - A remote code execution vulnerability exists when     Microsoft Windows OLE fails to properly validate user     input. An attacker could exploit the vulnerability to     execute malicious code.  (CVE-2020-1281)

  - An information disclosure vulnerability exists in the     way Windows Error Reporting (WER) handles objects in     memory. An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1261,     CVE-2020-1263)

  - An elevation of privilege vulnerability exists when the     Windows Background Intelligent Transfer Service (BITS)     IIS module improperly handles uploaded content. An     attacker who successfully exploited this vulnerability     could upload restricted file types to an IIS-hosted     folder.  (CVE-2020-1255)

  - An elevation of privilege vulnerability exists in the     way that the wlansvc.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1270)

  - An elevation of privilege vulnerability exists in the     way that the Windows Network Connections Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1291)

  - An elevation of privilege vulnerability exists in     Windows Installer because of the way Windows Installer     handles certain filesystem operations.  (CVE-2020-1302)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector or the Visual Studio     Standard Collector fail to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run processes in an elevated     context.  (CVE-2020-1202, CVE-2020-1203)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting manager improperly handles a     process crash. An attacker who successfully exploited     this vulnerability could delete a targeted file leading     to an elevated status.  (CVE-2020-1197)

  - An elevation of privilege vulnerability exists when the     Windows Backup Service improperly handles file     operations.  (CVE-2020-1271)

  - An elevation of privilege vulnerability exists in     Windows Text Service Framework (TSF) when the TSF server     fails to properly handle messages sent from TSF clients.
    An attacker who successfully exploited this     vulnerability could run arbitrary code in a privileged     process. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2020-1314)

  - An elevation of privilege vulnerability exists in the     Windows Installer when the Windows Installer fails to     properly sanitize input leading to an insecure library     loading behavior. A locally authenticated attacker could     run arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights. The security update addresses the vulnerability     by correcting the input sanitization error to preclude     unintended elevation. (CVE-2020-1272)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector Service improperly     handles file operations. An attacker who successfully     exploited this vulnerability could gain elevated     privileges. An attacker with unprivileged access to a     vulnerable system could exploit this vulnerability. The     security update addresses the vulnerability by ensuring     the Diagnostics Hub Standard Collector Service properly     handles file operations. (CVE-2020-1278)

  - An information disclosure vulnerability exists when     Internet Explorer improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1315)

  - An elevation of privilege vulnerability exists in the     way that the Windows WalletService handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1287, CVE-2020-1294)

  - A remote code execution vulnerability exists when     Microsoft Windows fails to properly handle cabinet     files.  (CVE-2020-1300)

  - A remote code execution vulnerability exists in the way     that the VBScript engine handles objects in memory. The     vulnerability could corrupt memory in such a way that an     attacker could execute arbitrary code in the context of     the current user. An attacker who successfully exploited     the vulnerability could gain the same user rights as the     current user.  (CVE-2020-1213, CVE-2020-1214,     CVE-2020-1215, CVE-2020-1216, CVE-2020-1230,     CVE-2020-1260)

  - A remote code execution vulnerability exists in the way     that Microsoft browsers access objects in memory. The     vulnerability could corrupt memory in a way that could     allow an attacker to execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1219)

  - A denial of service vulnerability exists when Windows     Registry improperly handles filesystem operations. An     attacker who successfully exploited the vulnerability     could cause a denial of service against a system.
    (CVE-2020-1194)

  - A remote code execution vulnerability exists in     Microsoft Windows that could allow remote code execution     if a .LNK file is processed. An attacker who     successfully exploited this vulnerability could gain the     same user rights as the local user.  (CVE-2020-1299)

  - An information disclosure vulnerability exists when the     Microsoft Windows Graphics Component improperly handles     objects in memory. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2020-1160)

  - A remote code execution vulnerability exists in the way     that the ChakraCore scripting engine handles objects in     memory. The vulnerability could corrupt memory in such a     way that an attacker could execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1073)

  - An elevation of privilege vulnerability exists when the     Windows State Repository Service improperly handles     objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     an elevated context. An attacker could exploit this     vulnerability by running a specially crafted application     on the victim system. The update addresses the     vulnerability by correcting the way the Windows State     Repository Service handles objects in memory.
    (CVE-2020-1305)

  - A security feature bypass vulnerability exists when     Windows Host Guardian Service improperly handles hashes     recorded and logged. An attacker who successfully     exploited the vulnerability could tamper with the log     file. In an attack scenario, an attacker can change     existing event log types to a type the parsers do not     interpret allowing an attacker to append their own hash     without triggering an alert. The update addresses the     vulnerability by correcting how Windows Host Guardian     Service handles logging of the measured boot hash.
    (CVE-2020-1259)

  - A remote code execution vulnerability exists in the way     that the Microsoft Server Message Block 1.0 (SMBv1)     server handles certain requests. An attacker who     successfully exploited the vulnerability could gain the     ability to execute code on the target server.
    (CVE-2020-1301)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2020-1239)

  - An elevation of privilege vulnerability exists when an     OLE Automation component improperly handles memory.
    (CVE-2020-1212)

  - An elevation of privilege vulnerability exists when     Group Policy improperly checks access. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2020-1317)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-1208, CVE-2020-1236)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2020-0986, CVE-2020-1246, CVE-2020-1262,     CVE-2020-1264, CVE-2020-1266, CVE-2020-1269,     CVE-2020-1316)

  - An elevation of privilege vulnerability exists in the     way that the Windows Graphics Device Interface (GDI)     handles objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2020-0915, CVE-2020-0916)

  - An elevation of privilege vulnerability exists when     Windows Modules Installer Service improperly handles     class object members. A locally authenticated attacker     could run arbitrary code with elevated system     privileges. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights. The update addresses the     vulnerability by correcting how Windows handles calls to     preclude unintended elevation. (CVE-2020-1254)

  - An elevation of privilege vulnerability exists when     Component Object Model (COM) client uses special case     IIDs. An attacker who successfully exploited this     vulnerability could run arbitrary code with elevated     system privileges. An attacker could then install     programs; view, change, or delete data; or create new     accounts with full user rights.  (CVE-2020-1311)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2020-1207, CVE-2020-1247, CVE-2020-1251,     CVE-2020-1253, CVE-2020-1310)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting improperly handles objects in     memory.  (CVE-2020-1234)

  - A spoofing vulnerability exists when theMicrosoft Edge     (Chromium-based) in IE Mode improperly handles specific     redirects. An attacker who successfully exploits the IE     Mode vulnerability could trick a user into believing     that the user was on a legitimate website. The specially     crafted website could either spoof content or serve as a     pivot to chain an attack with other vulnerabilities in     web services.  (CVE-2020-1220)

The remote Windows host is missing security update 4561621.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in the     way that the wlansvc.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1270)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2020-1348)

  - An information disclosure vulnerability exists when the     win32k component improperly provides kernel information.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1290)

  - A remote code execution vulnerability exists when     Microsoft Windows OLE fails to properly validate user     input. An attacker could exploit the vulnerability to     execute malicious code.  (CVE-2020-1281)

  - An information disclosure vulnerability exists in the     way Windows Error Reporting (WER) handles objects in     memory. An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1261,     CVE-2020-1263)

  - An elevation of privilege vulnerability exists when the     Windows Background Intelligent Transfer Service (BITS)     IIS module improperly handles uploaded content. An     attacker who successfully exploited this vulnerability     could upload restricted file types to an IIS-hosted     folder.  (CVE-2020-1255)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting manager improperly handles a     process crash. An attacker who successfully exploited     this vulnerability could delete a targeted file leading     to an elevated status.  (CVE-2020-1197)

  - An elevation of privilege vulnerability exists in the     way that the Windows Network Connections Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1291)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2020-1238,     CVE-2020-1239)

  - An elevation of privilege vulnerability exists when the     Windows Feedback Hub improperly handles objects in     memory. An attacker who successfully exploited this     vulnerability could run processes in an elevated     context.  (CVE-2020-1199)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector or the Visual Studio     Standard Collector fail to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run processes in an elevated     context.  (CVE-2020-1202, CVE-2020-1203)

  - An elevation of privilege vulnerability exists in     Windows Installer because of the way Windows Installer     handles certain filesystem operations.  (CVE-2020-1302,     CVE-2020-1312)

  - An elevation of privilege vulnerability exists in the     way the Windows Now Playing Session Manager handles     objects in memory. An attacker who successfully     exploited this vulnerability could run processes in an     elevated context. An attacker could then install     programs; view, change or delete data.  (CVE-2020-1201)

  - An elevation of privilege vulnerability exists when the     Windows Backup Service improperly handles file     operations.  (CVE-2020-1271)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-1208, CVE-2020-1236)

  - An elevation of privilege vulnerability exists in the     way that the Connected Devices Platform Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1211)

  - A security feature bypass vulnerability exists when     Windows Kernel fails to properly sanitize certain     parameters.  (CVE-2020-1241)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector Service improperly     handles file operations. An attacker who successfully     exploited this vulnerability could gain elevated     privileges. An attacker with unprivileged access to a     vulnerable system could exploit this vulnerability. The     security update addresses the vulnerability by ensuring     the Diagnostics Hub Standard Collector Service properly     handles file operations. (CVE-2020-1257, CVE-2020-1278,     CVE-2020-1293)

  - An elevation of privilege vulnerability exists in the     way that the Windows Bluetooth Service handles objects     in memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1280)

  - An elevation of privilege vulnerability exists in the     Windows Installer when the Windows Installer fails to     properly sanitize input leading to an insecure library     loading behavior. A locally authenticated attacker could     run arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights. The security update addresses the vulnerability     by correcting the input sanitization error to preclude     unintended elevation. (CVE-2020-1272)

  - An information disclosure vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could read memory that was freed and might run arbitrary     code in an elevated context. An attacker could exploit     this vulnerability by running a specially crafted     application on the victim system. The update addresses     the vulnerability by correcting the way the Windows     Runtime handles objects in memory. (CVE-2020-1217)

  - An information disclosure vulnerability exists when     Internet Explorer improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1315)

  - An elevation of privilege vulnerability exists in the     way that the Windows WalletService handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1287, CVE-2020-1294)

  - A remote code execution vulnerability exists when     Microsoft Windows fails to properly handle cabinet     files.  (CVE-2020-1300)

  - An elevation of privilege (user to user) vulnerability     exists in Windows Security Health Service when handling     certain objects in memory.  (CVE-2020-1162,     CVE-2020-1324)

  - A remote code execution vulnerability exists in the way     that the VBScript engine handles objects in memory. The     vulnerability could corrupt memory in such a way that an     attacker could execute arbitrary code in the context of     the current user. An attacker who successfully exploited     the vulnerability could gain the same user rights as the     current user.  (CVE-2020-1213, CVE-2020-1214,     CVE-2020-1215, CVE-2020-1216, CVE-2020-1230,     CVE-2020-1260)

  - An elevation of privilege vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in an elevated context. An     attacker could exploit this vulnerability by running a     specially crafted application on the victim system. The     update addresses the vulnerability by correcting the way     the Windows Runtime handles objects in memory.
    (CVE-2020-1231, CVE-2020-1233, CVE-2020-1235,     CVE-2020-1282, CVE-2020-1304, CVE-2020-1306,     CVE-2020-1334)

  - An elevation of privilege vulnerability exists when the     Microsoft Store Runtime improperly handles memory.
    (CVE-2020-1222, CVE-2020-1309)

  - A remote code execution vulnerability exists in the way     that Microsoft browsers access objects in memory. The     vulnerability could corrupt memory in a way that could     allow an attacker to execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1219)

  - A denial of service vulnerability exists when Windows     Registry improperly handles filesystem operations. An     attacker who successfully exploited the vulnerability     could cause a denial of service against a system.
    (CVE-2020-1194)

  - A remote code execution vulnerability exists in     Microsoft Windows that could allow remote code execution     if a .LNK file is processed. An attacker who     successfully exploited this vulnerability could gain the     same user rights as the local user.  (CVE-2020-1299)

  - An information disclosure vulnerability exists when the     Microsoft Windows Graphics Component improperly handles     objects in memory. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2020-1160)

  - A remote code execution vulnerability exists in the way     that the ChakraCore scripting engine handles objects in     memory. The vulnerability could corrupt memory in such a     way that an attacker could execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1073)

  - An elevation of privilege vulnerability exists when the     Windows State Repository Service improperly handles     objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     an elevated context. An attacker could exploit this     vulnerability by running a specially crafted application     on the victim system. The update addresses the     vulnerability by correcting the way the Windows State     Repository Service handles objects in memory.
    (CVE-2020-1305)

  - A security feature bypass vulnerability exists when     Windows Host Guardian Service improperly handles hashes     recorded and logged. An attacker who successfully     exploited the vulnerability could tamper with the log     file. In an attack scenario, an attacker can change     existing event log types to a type the parsers do not     interpret allowing an attacker to append their own hash     without triggering an alert. The update addresses the     vulnerability by correcting how Windows Host Guardian     Service handles logging of the measured boot hash.
    (CVE-2020-1259)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2020-0986, CVE-2020-1246, CVE-2020-1262,     CVE-2020-1264, CVE-2020-1266, CVE-2020-1269,     CVE-2020-1274, CVE-2020-1276, CVE-2020-1316)

  - A remote code execution vulnerability exists in the way     that the Microsoft Server Message Block 1.0 (SMBv1)     server handles certain requests. An attacker who     successfully exploited the vulnerability could gain the     ability to execute code on the target server.
    (CVE-2020-1301)

  - An information disclosure vulnerability exists in the     way that Microsoft Edge handles cross-origin requests.
    An attacker who successfully exploited this     vulnerability could determine the origin of all webpages     in the affected browser.  (CVE-2020-1242)

  - An elevation of privilege vulnerability exists when an     OLE Automation component improperly handles memory.
    (CVE-2020-1212)

  - An elevation of privilege vulnerability exists when     Group Policy improperly checks access. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2020-1317)

  - An elevation of privilege vulnerability exists when     Windows Lockscreen fails to properly load spotlight     images from a secure location. An attacker who     successfully exploited the vulnerability could execute     commands with elevated permissions. An authenticated     attacker could modify a registry value to exploit this     vulnerability. The security update addresses the     vulnerability by ensuring that the spotlight images are     always loaded from a secure location. (CVE-2020-1279)

  - An elevation of privilege vulnerability exists in     OpenSSH for Windows when it does not properly restrict     access to configuration settings. An attacker who     successfully exploited this vulnerability could replace     the shell with a malicious binary.  (CVE-2020-1292)

  - An elevation of privilege vulnerability exists in the     way that the printconfig.dll handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1196)

  - An elevation of privilege vulnerability exists in the     way that the Windows Graphics Device Interface (GDI)     handles objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2020-0915, CVE-2020-0916)

  - An elevation of privilege vulnerability exists when     Windows Modules Installer Service improperly handles     class object members. A locally authenticated attacker     could run arbitrary code with elevated system     privileges. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights. The update addresses the     vulnerability by correcting how Windows handles calls to     preclude unintended elevation. (CVE-2020-1254)

  - An elevation of privilege vulnerability exists when     Component Object Model (COM) client uses special case     IIDs. An attacker who successfully exploited this     vulnerability could run arbitrary code with elevated     system privileges. An attacker could then install     programs; view, change, or delete data; or create new     accounts with full user rights.  (CVE-2020-1311)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2020-1207, CVE-2020-1247, CVE-2020-1251,     CVE-2020-1253, CVE-2020-1310)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1237)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2020-1283)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting improperly handles objects in     memory.  (CVE-2020-1234)

  - A spoofing vulnerability exists when theMicrosoft Edge     (Chromium-based) in IE Mode improperly handles specific     redirects. An attacker who successfully exploits the IE     Mode vulnerability could trick a user into believing     that the user was on a legitimate website. The specially     crafted website could either spoof content or serve as a     pivot to chain an attack with other vulnerabilities in     web services.  (CVE-2020-1220)

  - An information disclosure vulnerability exists when     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1232)

  - A remote code execution vulnerability exists when the     Windows Shell does not properly validate file paths. An     attacker who successfully exploited this vulnerability     could run arbitrary code in the context of the current     user. If the current user is logged on as an     administrator, an attacker could take control of the     affected system. An attacker could then install     programs; view, change, or delete data; or create new     accounts with elevated privileges. Users whose accounts     are configured to have fewer privileges on the system     could be less impacted than users who operate with     administrative privileges.  (CVE-2020-1286)

  - An elevation of privilege vulnerability exists in     Windows Text Service Framework (TSF) when the TSF server     fails to properly handle messages sent from TSF clients.
    An attacker who successfully exploited this     vulnerability could run arbitrary code in a privileged     process. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2020-1314)

  - An elevation of privilege vulnerability exists when     DirectX improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in kernel mode. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2020-1258)

The remote Windows host is missing security update 4561616.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in the     way that the printconfig.dll handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1196)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2020-1348)

  - A remote code execution vulnerability exists when     Microsoft Windows OLE fails to properly validate user     input. An attacker could exploit the vulnerability to     execute malicious code.  (CVE-2020-1281)

  - An information disclosure vulnerability exists in the     way Windows Error Reporting (WER) handles objects in     memory. An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1261,     CVE-2020-1263)

  - An elevation of privilege vulnerability exists when the     Windows Background Intelligent Transfer Service (BITS)     IIS module improperly handles uploaded content. An     attacker who successfully exploited this vulnerability     could upload restricted file types to an IIS-hosted     folder.  (CVE-2020-1255)

  - An elevation of privilege vulnerability exists in the     way that the wlansvc.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1270)

  - An elevation of privilege vulnerability exists in the     way that the Windows Network Connections Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1291)

  - An elevation of privilege vulnerability exists in     Windows Installer because of the way Windows Installer     handles certain filesystem operations.  (CVE-2020-1302)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector or the Visual Studio     Standard Collector fail to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run processes in an elevated     context.  (CVE-2020-1202, CVE-2020-1203)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting manager improperly handles a     process crash. An attacker who successfully exploited     this vulnerability could delete a targeted file leading     to an elevated status.  (CVE-2020-1197)

  - An elevation of privilege vulnerability exists when the     Windows Backup Service improperly handles file     operations.  (CVE-2020-1271)

  - An elevation of privilege vulnerability exists in the     way that the Connected Devices Platform Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1211)

  - A security feature bypass vulnerability exists when     Windows Kernel fails to properly sanitize certain     parameters.  (CVE-2020-1241)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector Service improperly     handles file operations. An attacker who successfully     exploited this vulnerability could gain elevated     privileges. An attacker with unprivileged access to a     vulnerable system could exploit this vulnerability. The     security update addresses the vulnerability by ensuring     the Diagnostics Hub Standard Collector Service properly     handles file operations. (CVE-2020-1257, CVE-2020-1278,     CVE-2020-1293)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2020-1239)

  - An elevation of privilege vulnerability exists in the     Windows Installer when the Windows Installer fails to     properly sanitize input leading to an insecure library     loading behavior. A locally authenticated attacker could     run arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights. The security update addresses the vulnerability     by correcting the input sanitization error to preclude     unintended elevation. (CVE-2020-1272)

  - An information disclosure vulnerability exists when     Internet Explorer improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1315)

  - An elevation of privilege vulnerability exists in the     way that the Windows WalletService handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1287, CVE-2020-1294)

  - A remote code execution vulnerability exists when     Microsoft Windows fails to properly handle cabinet     files.  (CVE-2020-1300)

  - A remote code execution vulnerability exists in the way     that the VBScript engine handles objects in memory. The     vulnerability could corrupt memory in such a way that an     attacker could execute arbitrary code in the context of     the current user. An attacker who successfully exploited     the vulnerability could gain the same user rights as the     current user.  (CVE-2020-1213, CVE-2020-1214,     CVE-2020-1215, CVE-2020-1216, CVE-2020-1230,     CVE-2020-1260)

  - A remote code execution vulnerability exists in the way     that Microsoft browsers access objects in memory. The     vulnerability could corrupt memory in a way that could     allow an attacker to execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1219)

  - A denial of service vulnerability exists when Windows     Registry improperly handles filesystem operations. An     attacker who successfully exploited the vulnerability     could cause a denial of service against a system.
    (CVE-2020-1194)

  - A remote code execution vulnerability exists in     Microsoft Windows that could allow remote code execution     if a .LNK file is processed. An attacker who     successfully exploited this vulnerability could gain the     same user rights as the local user.  (CVE-2020-1299)

  - An information disclosure vulnerability exists when the     Microsoft Windows Graphics Component improperly handles     objects in memory. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2020-1160)

  - A remote code execution vulnerability exists in the way     that the ChakraCore scripting engine handles objects in     memory. The vulnerability could corrupt memory in such a     way that an attacker could execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1073)

  - An elevation of privilege vulnerability exists when the     Windows State Repository Service improperly handles     objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     an elevated context. An attacker could exploit this     vulnerability by running a specially crafted application     on the victim system. The update addresses the     vulnerability by correcting the way the Windows State     Repository Service handles objects in memory.
    (CVE-2020-1305)

  - A security feature bypass vulnerability exists when     Windows Host Guardian Service improperly handles hashes     recorded and logged. An attacker who successfully     exploited the vulnerability could tamper with the log     file. In an attack scenario, an attacker can change     existing event log types to a type the parsers do not     interpret allowing an attacker to append their own hash     without triggering an alert. The update addresses the     vulnerability by correcting how Windows Host Guardian     Service handles logging of the measured boot hash.
    (CVE-2020-1259)

  - An elevation of privilege vulnerability exists when the     Microsoft Store Runtime improperly handles memory.
    (CVE-2020-1309)

  - A remote code execution vulnerability exists in the way     that the Microsoft Server Message Block 1.0 (SMBv1)     server handles certain requests. An attacker who     successfully exploited the vulnerability could gain the     ability to execute code on the target server.
    (CVE-2020-1301)

  - An elevation of privilege vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in an elevated context. An     attacker could exploit this vulnerability by running a     specially crafted application on the victim system. The     update addresses the vulnerability by correcting the way     the Windows Runtime handles objects in memory.
    (CVE-2020-1231, CVE-2020-1235, CVE-2020-1282,     CVE-2020-1304, CVE-2020-1334)

  - An elevation of privilege vulnerability exists when an     OLE Automation component improperly handles memory.
    (CVE-2020-1212)

  - An elevation of privilege vulnerability exists when     Group Policy improperly checks access. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2020-1317)

  - An elevation of privilege vulnerability exists when     Windows Lockscreen fails to properly load spotlight     images from a secure location. An attacker who     successfully exploited the vulnerability could execute     commands with elevated permissions. An authenticated     attacker could modify a registry value to exploit this     vulnerability. The security update addresses the     vulnerability by ensuring that the spotlight images are     always loaded from a secure location. (CVE-2020-1279)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-1208, CVE-2020-1236)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2020-0986, CVE-2020-1246, CVE-2020-1262,     CVE-2020-1264, CVE-2020-1266, CVE-2020-1269,     CVE-2020-1316)

  - An elevation of privilege vulnerability exists in the     way that the Windows Graphics Device Interface (GDI)     handles objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2020-0915, CVE-2020-0916)

  - An elevation of privilege vulnerability exists when     Windows Modules Installer Service improperly handles     class object members. A locally authenticated attacker     could run arbitrary code with elevated system     privileges. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights. The update addresses the     vulnerability by correcting how Windows handles calls to     preclude unintended elevation. (CVE-2020-1254)

  - An elevation of privilege vulnerability exists when     Component Object Model (COM) client uses special case     IIDs. An attacker who successfully exploited this     vulnerability could run arbitrary code with elevated     system privileges. An attacker could then install     programs; view, change, or delete data; or create new     accounts with full user rights.  (CVE-2020-1311)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2020-1207, CVE-2020-1247, CVE-2020-1251,     CVE-2020-1253, CVE-2020-1310)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2020-1283)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting improperly handles objects in     memory.  (CVE-2020-1234)

  - A spoofing vulnerability exists when theMicrosoft Edge     (Chromium-based) in IE Mode improperly handles specific     redirects. An attacker who successfully exploits the IE     Mode vulnerability could trick a user into believing     that the user was on a legitimate website. The specially     crafted website could either spoof content or serve as a     pivot to chain an attack with other vulnerabilities in     web services.  (CVE-2020-1220)

  - An information disclosure vulnerability exists when     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1232)

  - An elevation of privilege vulnerability exists in     Windows Text Service Framework (TSF) when the TSF server     fails to properly handle messages sent from TSF clients.
    An attacker who successfully exploited this     vulnerability could run arbitrary code in a privileged     process. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2020-1314)

The remote Windows host is missing security update 4561674 or cumulative update 4561612. It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in the     way that the wlansvc.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1270)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2020-1348)

  - A remote code execution vulnerability exists when     Microsoft Windows OLE fails to properly validate user     input. An attacker could exploit the vulnerability to     execute malicious code.  (CVE-2020-1281)

  - An elevation of privilege vulnerability exists when the     Windows Background Intelligent Transfer Service (BITS)     IIS module improperly handles uploaded content. An     attacker who successfully exploited this vulnerability     could upload restricted file types to an IIS-hosted     folder.  (CVE-2020-1255)

  - An elevation of privilege vulnerability exists in the     way that the Windows Network Connections Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1291)

  - An elevation of privilege vulnerability exists in     Windows Installer because of the way Windows Installer     handles certain filesystem operations.  (CVE-2020-1302)

  - An elevation of privilege vulnerability exists in     Windows Text Service Framework (TSF) when the TSF server     fails to properly handle messages sent from TSF clients.
    An attacker who successfully exploited this     vulnerability could run arbitrary code in a privileged     process. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2020-1314)

  - An elevation of privilege vulnerability exists in the     Windows Installer when the Windows Installer fails to     properly sanitize input leading to an insecure library     loading behavior. A locally authenticated attacker could     run arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights. The security update addresses the vulnerability     by correcting the input sanitization error to preclude     unintended elevation. (CVE-2020-1272)

  - An information disclosure vulnerability exists when     Internet Explorer improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1315)

  - A remote code execution vulnerability exists in     Microsoft Windows that could allow remote code execution     if a .LNK file is processed. An attacker who     successfully exploited this vulnerability could gain the     same user rights as the local user.  (CVE-2020-1299)

  - A remote code execution vulnerability exists when     Microsoft Windows fails to properly handle cabinet     files.  (CVE-2020-1300)

  - A denial of service vulnerability exists when Windows     Registry improperly handles filesystem operations. An     attacker who successfully exploited the vulnerability     could cause a denial of service against a system.
    (CVE-2020-1194)

  - A remote code execution vulnerability exists in the way     that the VBScript engine handles objects in memory. The     vulnerability could corrupt memory in such a way that an     attacker could execute arbitrary code in the context of     the current user. An attacker who successfully exploited     the vulnerability could gain the same user rights as the     current user.  (CVE-2020-1213, CVE-2020-1214,     CVE-2020-1215, CVE-2020-1216, CVE-2020-1230,     CVE-2020-1260)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2020-0986, CVE-2020-1246, CVE-2020-1262)

  - A remote code execution vulnerability exists in the way     that Microsoft browsers access objects in memory. The     vulnerability could corrupt memory in a way that could     allow an attacker to execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1219)

  - An elevation of privilege vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in an elevated context. An     attacker could exploit this vulnerability by running a     specially crafted application on the victim system. The     update addresses the vulnerability by correcting the way     the Windows Runtime handles objects in memory.
    (CVE-2020-1231, CVE-2020-1282, CVE-2020-1334)

  - An information disclosure vulnerability exists in the     way Windows Error Reporting (WER) handles objects in     memory. An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1263)

  - An information disclosure vulnerability exists when the     Microsoft Windows Graphics Component improperly handles     objects in memory. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2020-1160)

  - An elevation of privilege vulnerability exists in the     way that the Windows WalletService handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1287)

  - A remote code execution vulnerability exists in the way     that the Microsoft Server Message Block 1.0 (SMBv1)     server handles certain requests. An attacker who     successfully exploited the vulnerability could gain the     ability to execute code on the target server.
    (CVE-2020-1301)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2020-1239)

  - An elevation of privilege vulnerability exists when an     OLE Automation component improperly handles memory.
    (CVE-2020-1212)

  - An elevation of privilege vulnerability exists when     Group Policy improperly checks access. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2020-1317)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-1208, CVE-2020-1236)

  - An elevation of privilege vulnerability exists in the     way that the printconfig.dll handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1196)

  - An elevation of privilege vulnerability exists in the     way that the Windows Graphics Device Interface (GDI)     handles objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2020-0915, CVE-2020-0916)

  - An elevation of privilege vulnerability exists when     Windows Modules Installer Service improperly handles     class object members. A locally authenticated attacker     could run arbitrary code with elevated system     privileges. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights. The update addresses the     vulnerability by correcting how Windows handles calls to     preclude unintended elevation. (CVE-2020-1254)

  - An elevation of privilege vulnerability exists when     Component Object Model (COM) client uses special case     IIDs. An attacker who successfully exploited this     vulnerability could run arbitrary code with elevated     system privileges. An attacker could then install     programs; view, change, or delete data; or create new     accounts with full user rights.  (CVE-2020-1311)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2020-1207, CVE-2020-1247, CVE-2020-1251,     CVE-2020-1253, CVE-2020-1310)

  - A spoofing vulnerability exists when theMicrosoft Edge     (Chromium-based) in IE Mode improperly handles specific     redirects. An attacker who successfully exploits the IE     Mode vulnerability could trick a user into believing     that the user was on a legitimate website. The specially     crafted website could either spoof content or serve as a     pivot to chain an attack with other vulnerabilities in     web services.  (CVE-2020-1220)

The remote Windows host is missing security update 4561608.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in the     way that the wlansvc.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1270)

  - An elevation of privilege vulnerability exists when the     Windows Backup Service improperly handles file     operations.  (CVE-2020-1271)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2020-1348)

  - A vulnerability exists in the way the Windows     Diagnostics &amp; feedback settings app handles objects     in memory. An attacker who successfully exploited this     vulnerability could cause additional diagnostic data     from the affected device to be sent to Microsoft.
    (CVE-2020-1296)

  - An information disclosure vulnerability exists when the     win32k component improperly provides kernel information.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1290)

  - A remote code execution vulnerability exists when     Microsoft Windows OLE fails to properly validate user     input. An attacker could exploit the vulnerability to     execute malicious code.  (CVE-2020-1281)

  - An information disclosure vulnerability exists in the     way Windows Error Reporting (WER) handles objects in     memory. An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1261,     CVE-2020-1263)

  - An elevation of privilege vulnerability exists when the     Windows Background Intelligent Transfer Service (BITS)     IIS module improperly handles uploaded content. An     attacker who successfully exploited this vulnerability     could upload restricted file types to an IIS-hosted     folder.  (CVE-2020-1255)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting manager improperly handles a     process crash. An attacker who successfully exploited     this vulnerability could delete a targeted file leading     to an elevated status.  (CVE-2020-1197)

  - An elevation of privilege vulnerability exists in the     way that the Windows Network Connections Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1291)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2020-1238,     CVE-2020-1239)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector or the Visual Studio     Standard Collector fail to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run processes in an elevated     context.  (CVE-2020-1202, CVE-2020-1203)

  - An elevation of privilege vulnerability exists when     Windows Mobile Device Management (MDM) Diagnostics     improperly handles junctions. An attacker who     successfully exploited this vulnerability could bypass     access restrictions to delete files.  (CVE-2020-1204)

  - An elevation of privilege vulnerability exists in the     way the Windows Now Playing Session Manager handles     objects in memory. An attacker who successfully     exploited this vulnerability could run processes in an     elevated context. An attacker could then install     programs; view, change or delete data.  (CVE-2020-1201)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2020-1283)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-1208, CVE-2020-1236)

  - An elevation of privilege vulnerability exists in the     way that the Connected Devices Platform Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1211)

  - A security feature bypass vulnerability exists when     Windows Kernel fails to properly sanitize certain     parameters.  (CVE-2020-1241)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector Service improperly     handles file operations. An attacker who successfully     exploited this vulnerability could gain elevated     privileges. An attacker with unprivileged access to a     vulnerable system could exploit this vulnerability. The     security update addresses the vulnerability by ensuring     the Diagnostics Hub Standard Collector Service properly     handles file operations. (CVE-2020-1257, CVE-2020-1278,     CVE-2020-1293)

  - An elevation of privilege vulnerability exists in the     way that the Windows Bluetooth Service handles objects     in memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1280)

  - An elevation of privilege vulnerability exists in the     Windows Installer when the Windows Installer fails to     properly sanitize input leading to an insecure library     loading behavior. A locally authenticated attacker could     run arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights. The security update addresses the vulnerability     by correcting the input sanitization error to preclude     unintended elevation. (CVE-2020-1272)

  - An information disclosure vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could read memory that was freed and might run arbitrary     code in an elevated context. An attacker could exploit     this vulnerability by running a specially crafted     application on the victim system. The update addresses     the vulnerability by correcting the way the Windows     Runtime handles objects in memory. (CVE-2020-1217)

  - An information disclosure vulnerability exists when     Internet Explorer improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1315)

  - An elevation of privilege vulnerability exists in the     way that the Windows WalletService handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1287, CVE-2020-1294)

  - A remote code execution vulnerability exists when     Microsoft Windows fails to properly handle cabinet     files.  (CVE-2020-1300)

  - An elevation of privilege (user to user) vulnerability     exists in Windows Security Health Service when handling     certain objects in memory.  (CVE-2020-1162,     CVE-2020-1324)

  - A remote code execution vulnerability exists in the way     that the VBScript engine handles objects in memory. The     vulnerability could corrupt memory in such a way that an     attacker could execute arbitrary code in the context of     the current user. An attacker who successfully exploited     the vulnerability could gain the same user rights as the     current user.  (CVE-2020-1213, CVE-2020-1214,     CVE-2020-1215, CVE-2020-1216, CVE-2020-1230,     CVE-2020-1260)

  - An elevation of privilege vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in an elevated context. An     attacker could exploit this vulnerability by running a     specially crafted application on the victim system. The     update addresses the vulnerability by correcting the way     the Windows Runtime handles objects in memory.
    (CVE-2020-1231, CVE-2020-1233, CVE-2020-1235,     CVE-2020-1282, CVE-2020-1304, CVE-2020-1306,     CVE-2020-1334)

  - An elevation of privilege vulnerability exists when the     Microsoft Store Runtime improperly handles memory.
    (CVE-2020-1222, CVE-2020-1309)

  - A remote code execution vulnerability exists in the way     that Microsoft browsers access objects in memory. The     vulnerability could corrupt memory in a way that could     allow an attacker to execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1219)

  - A denial of service vulnerability exists when Windows     Registry improperly handles filesystem operations. An     attacker who successfully exploited the vulnerability     could cause a denial of service against a system.
    (CVE-2020-1194)

  - A remote code execution vulnerability exists in     Microsoft Windows that could allow remote code execution     if a .LNK file is processed. An attacker who     successfully exploited this vulnerability could gain the     same user rights as the local user.  (CVE-2020-1299)

  - An information disclosure vulnerability exists when the     Microsoft Windows Graphics Component improperly handles     objects in memory. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2020-1160)

  - A remote code execution vulnerability exists in the way     that the ChakraCore scripting engine handles objects in     memory. The vulnerability could corrupt memory in such a     way that an attacker could execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1073)

  - An elevation of privilege vulnerability exists when the     Windows State Repository Service improperly handles     objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     an elevated context. An attacker could exploit this     vulnerability by running a specially crafted application     on the victim system. The update addresses the     vulnerability by correcting the way the Windows State     Repository Service handles objects in memory.
    (CVE-2020-1305)

  - A security feature bypass vulnerability exists when     Windows Host Guardian Service improperly handles hashes     recorded and logged. An attacker who successfully     exploited the vulnerability could tamper with the log     file. In an attack scenario, an attacker can change     existing event log types to a type the parsers do not     interpret allowing an attacker to append their own hash     without triggering an alert. The update addresses the     vulnerability by correcting how Windows Host Guardian     Service handles logging of the measured boot hash.
    (CVE-2020-1259)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2020-0986, CVE-2020-1246, CVE-2020-1262,     CVE-2020-1264, CVE-2020-1266, CVE-2020-1269,     CVE-2020-1274, CVE-2020-1276, CVE-2020-1316)

  - A remote code execution vulnerability exists in the way     that the Microsoft Server Message Block 1.0 (SMBv1)     server handles certain requests. An attacker who     successfully exploited the vulnerability could gain the     ability to execute code on the target server.
    (CVE-2020-1301)

  - An elevation of privilege vulnerability exists in     Windows Installer because of the way Windows Installer     handles certain filesystem operations.  (CVE-2020-1277,     CVE-2020-1302, CVE-2020-1312)

  - An information disclosure vulnerability exists in the     way that Microsoft Edge handles cross-origin requests.
    An attacker who successfully exploited this     vulnerability could determine the origin of all webpages     in the affected browser.  (CVE-2020-1242)

  - An elevation of privilege vulnerability exists when an     OLE Automation component improperly handles memory.
    (CVE-2020-1212)

  - An elevation of privilege vulnerability exists when     Group Policy improperly checks access. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2020-1317)

  - An elevation of privilege vulnerability exists when     Windows Lockscreen fails to properly load spotlight     images from a secure location. An attacker who     successfully exploited the vulnerability could execute     commands with elevated permissions. An authenticated     attacker could modify a registry value to exploit this     vulnerability. The security update addresses the     vulnerability by ensuring that the spotlight images are     always loaded from a secure location. (CVE-2020-1279)

  - An elevation of privilege vulnerability exists in     OpenSSH for Windows when it does not properly restrict     access to configuration settings. An attacker who     successfully exploited this vulnerability could replace     the shell with a malicious binary.  (CVE-2020-1292)

  - An elevation of privilege vulnerability exists in the     way that the printconfig.dll handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1196)

  - An elevation of privilege vulnerability exists in the     way that the Windows Graphics Device Interface (GDI)     handles objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2020-0915, CVE-2020-0916)

  - An elevation of privilege vulnerability exists when     Windows Modules Installer Service improperly handles     class object members. A locally authenticated attacker     could run arbitrary code with elevated system     privileges. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights. The update addresses the     vulnerability by correcting how Windows handles calls to     preclude unintended elevation. (CVE-2020-1254)

  - An elevation of privilege vulnerability exists when     Component Object Model (COM) client uses special case     IIDs. An attacker who successfully exploited this     vulnerability could run arbitrary code with elevated     system privileges. An attacker could then install     programs; view, change, or delete data; or create new     accounts with full user rights.  (CVE-2020-1311)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2020-1207, CVE-2020-1247, CVE-2020-1251,     CVE-2020-1253, CVE-2020-1310)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1237)

  - An elevation of privilege vulnerability exists when     DirectX improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in kernel mode. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2020-1258)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting improperly handles objects in     memory.  (CVE-2020-1234)

  - A spoofing vulnerability exists when theMicrosoft Edge     (Chromium-based) in IE Mode improperly handles specific     redirects. An attacker who successfully exploits the IE     Mode vulnerability could trick a user into believing     that the user was on a legitimate website. The specially     crafted website could either spoof content or serve as a     pivot to chain an attack with other vulnerabilities in     web services.  (CVE-2020-1220)

  - An information disclosure vulnerability exists when     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1232)

  - A remote code execution vulnerability exists when the     Windows Shell does not properly validate file paths. An     attacker who successfully exploited this vulnerability     could run arbitrary code in the context of the current     user. If the current user is logged on as an     administrator, an attacker could take control of the     affected system. An attacker could then install     programs; view, change, or delete data; or create new     accounts with elevated privileges. Users whose accounts     are configured to have fewer privileges on the system     could be less impacted than users who operate with     administrative privileges.  (CVE-2020-1286)

  - An elevation of privilege vulnerability exists in     Windows Text Service Framework (TSF) when the TSF server     fails to properly handle messages sent from TSF clients.
    An attacker who successfully exploited this     vulnerability could run arbitrary code in a privileged     process. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2020-1314)

  - A denial of service vulnerability exists when Connected     User Experiences and Telemetry Service improperly     handles file operations. An attacker who successfully     exploited this vulnerability could cause a system to     stop responding.  (CVE-2020-1244)

The remote Windows host is missing security update 4561602.
It is, therefore, affected by multiple vulnerabilities :

  - An elevation of privilege vulnerability exists in the     way that the printconfig.dll handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1196)

  - An information disclosure vulnerability exists when the     Windows GDI component improperly discloses the contents     of its memory. An attacker who successfully exploited     the vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how the Windows GDI component handles objects     in memory. (CVE-2020-1348)

  - An information disclosure vulnerability exists when the     win32k component improperly provides kernel information.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1290)

  - A remote code execution vulnerability exists when     Microsoft Windows OLE fails to properly validate user     input. An attacker could exploit the vulnerability to     execute malicious code.  (CVE-2020-1281)

  - An information disclosure vulnerability exists in the     way Windows Error Reporting (WER) handles objects in     memory. An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1261,     CVE-2020-1263)

  - An elevation of privilege vulnerability exists when the     Windows Background Intelligent Transfer Service (BITS)     IIS module improperly handles uploaded content. An     attacker who successfully exploited this vulnerability     could upload restricted file types to an IIS-hosted     folder.  (CVE-2020-1255)

  - An elevation of privilege vulnerability exists in the     way that the wlansvc.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1270)

  - An elevation of privilege vulnerability exists in the     way that the Windows Network Connections Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1291)

  - An elevation of privilege vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in an elevated context. An     attacker could exploit this vulnerability by running a     specially crafted application on the victim system. The     update addresses the vulnerability by correcting the way     the Windows Runtime handles objects in memory.
    (CVE-2020-1231, CVE-2020-1233, CVE-2020-1235,     CVE-2020-1282, CVE-2020-1304, CVE-2020-1334)

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2020-1238,     CVE-2020-1239)

  - An elevation of privilege vulnerability exists when the     Windows Feedback Hub improperly handles objects in     memory. An attacker who successfully exploited this     vulnerability could run processes in an elevated     context.  (CVE-2020-1199)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector or the Visual Studio     Standard Collector fail to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run processes in an elevated     context.  (CVE-2020-1202, CVE-2020-1203)

  - An elevation of privilege vulnerability exists in     Windows Installer because of the way Windows Installer     handles certain filesystem operations.  (CVE-2020-1302,     CVE-2020-1312)

  - An elevation of privilege vulnerability exists in the     way the Windows Now Playing Session Manager handles     objects in memory. An attacker who successfully     exploited this vulnerability could run processes in an     elevated context. An attacker could then install     programs; view, change or delete data.  (CVE-2020-1201)

  - An elevation of privilege vulnerability exists when the     Windows Backup Service improperly handles file     operations.  (CVE-2020-1271)

  - An elevation of privilege vulnerability exists in the     way that the Connected Devices Platform Service handles     objects in memory. An attacker who successfully     exploited the vulnerability could execute code with     elevated permissions.  (CVE-2020-1211)

  - A security feature bypass vulnerability exists when     Windows Kernel fails to properly sanitize certain     parameters.  (CVE-2020-1241)

  - An elevation of privilege vulnerability exists when the     Diagnostics Hub Standard Collector Service improperly     handles file operations. An attacker who successfully     exploited this vulnerability could gain elevated     privileges. An attacker with unprivileged access to a     vulnerable system could exploit this vulnerability. The     security update addresses the vulnerability by ensuring     the Diagnostics Hub Standard Collector Service properly     handles file operations. (CVE-2020-1257, CVE-2020-1278,     CVE-2020-1293)

  - An elevation of privilege vulnerability exists in the     way that the Windows Bluetooth Service handles objects     in memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1280)

  - An elevation of privilege vulnerability exists in the     Windows Installer when the Windows Installer fails to     properly sanitize input leading to an insecure library     loading behavior. A locally authenticated attacker could     run arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights. The security update addresses the vulnerability     by correcting the input sanitization error to preclude     unintended elevation. (CVE-2020-1272)

  - An information disclosure vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could read memory that was freed and might run arbitrary     code in an elevated context. An attacker could exploit     this vulnerability by running a specially crafted     application on the victim system. The update addresses     the vulnerability by correcting the way the Windows     Runtime handles objects in memory. (CVE-2020-1217)

  - An information disclosure vulnerability exists when     Internet Explorer improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could obtain information to further compromise the users     system.  (CVE-2020-1315)

  - An elevation of privilege vulnerability exists in the     way that the Windows WalletService handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1287, CVE-2020-1294)

  - A remote code execution vulnerability exists when     Microsoft Windows fails to properly handle cabinet     files.  (CVE-2020-1300)

  - An elevation of privilege (user to user) vulnerability     exists in Windows Security Health Service when handling     certain objects in memory.  (CVE-2020-1162,     CVE-2020-1324)

  - A remote code execution vulnerability exists in the way     that the VBScript engine handles objects in memory. The     vulnerability could corrupt memory in such a way that an     attacker could execute arbitrary code in the context of     the current user. An attacker who successfully exploited     the vulnerability could gain the same user rights as the     current user.  (CVE-2020-1213, CVE-2020-1214,     CVE-2020-1215, CVE-2020-1216, CVE-2020-1230,     CVE-2020-1260)

  - An elevation of privilege vulnerability exists when the     Microsoft Store Runtime improperly handles memory.
    (CVE-2020-1222, CVE-2020-1309)

  - A remote code execution vulnerability exists in the way     that Microsoft browsers access objects in memory. The     vulnerability could corrupt memory in a way that could     allow an attacker to execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1219)

  - A denial of service vulnerability exists when Windows     Registry improperly handles filesystem operations. An     attacker who successfully exploited the vulnerability     could cause a denial of service against a system.
    (CVE-2020-1194)

  - A remote code execution vulnerability exists in     Microsoft Windows that could allow remote code execution     if a .LNK file is processed. An attacker who     successfully exploited this vulnerability could gain the     same user rights as the local user.  (CVE-2020-1299)

  - An information disclosure vulnerability exists when the     Microsoft Windows Graphics Component improperly handles     objects in memory. An attacker who successfully     exploited the vulnerability could obtain information to     further compromise the users system.  (CVE-2020-1160)

  - A remote code execution vulnerability exists in the way     that the ChakraCore scripting engine handles objects in     memory. The vulnerability could corrupt memory in such a     way that an attacker could execute arbitrary code in the     context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user.  (CVE-2020-1073)

  - An elevation of privilege vulnerability exists when the     Windows State Repository Service improperly handles     objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     an elevated context. An attacker could exploit this     vulnerability by running a specially crafted application     on the victim system. The update addresses the     vulnerability by correcting the way the Windows State     Repository Service handles objects in memory.
    (CVE-2020-1305)

  - A security feature bypass vulnerability exists when     Windows Host Guardian Service improperly handles hashes     recorded and logged. An attacker who successfully     exploited the vulnerability could tamper with the log     file. In an attack scenario, an attacker can change     existing event log types to a type the parsers do not     interpret allowing an attacker to append their own hash     without triggering an alert. The update addresses the     vulnerability by correcting how Windows Host Guardian     Service handles logging of the measured boot hash.
    (CVE-2020-1259)

  - A remote code execution vulnerability exists in the way     that the Microsoft Server Message Block 1.0 (SMBv1)     server handles certain requests. An attacker who     successfully exploited the vulnerability could gain the     ability to execute code on the target server.
    (CVE-2020-1301)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting manager improperly handles a     process crash. An attacker who successfully exploited     this vulnerability could delete a targeted file leading     to an elevated status.  (CVE-2020-1197)

  - An elevation of privilege vulnerability exists when an     OLE Automation component improperly handles memory.
    (CVE-2020-1212)

  - An elevation of privilege vulnerability exists when     Group Policy improperly checks access. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context.  (CVE-2020-1317)

  - An elevation of privilege vulnerability exists when     Windows Lockscreen fails to properly load spotlight     images from a secure location. An attacker who     successfully exploited the vulnerability could execute     commands with elevated permissions. An authenticated     attacker could modify a registry value to exploit this     vulnerability. The security update addresses the     vulnerability by ensuring that the spotlight images are     always loaded from a secure location. (CVE-2020-1279)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-1208, CVE-2020-1236)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2020-0986, CVE-2020-1246, CVE-2020-1262,     CVE-2020-1264, CVE-2020-1266, CVE-2020-1269,     CVE-2020-1316)

  - An elevation of privilege vulnerability exists in the     way that the Windows Graphics Device Interface (GDI)     handles objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2020-0915, CVE-2020-0916)

  - An elevation of privilege vulnerability exists when     Windows Modules Installer Service improperly handles     class object members. A locally authenticated attacker     could run arbitrary code with elevated system     privileges. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights. The update addresses the     vulnerability by correcting how Windows handles calls to     preclude unintended elevation. (CVE-2020-1254)

  - An elevation of privilege vulnerability exists when     Component Object Model (COM) client uses special case     IIDs. An attacker who successfully exploited this     vulnerability could run arbitrary code with elevated     system privileges. An attacker could then install     programs; view, change, or delete data; or create new     accounts with full user rights.  (CVE-2020-1311)

  - An elevation of privilege vulnerability exists in     Windows when the Windows kernel-mode driver fails to     properly handle objects in memory. An attacker who     successfully exploited this vulnerability could run     arbitrary code in kernel mode. An attacker could then     install programs; view, change, or delete data; or     create new accounts with full user rights.
    (CVE-2020-1207, CVE-2020-1247, CVE-2020-1251,     CVE-2020-1253, CVE-2020-1310)

  - An elevation of privilege vulnerability exists in the     way that the Windows Kernel handles objects in memory.
    An attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1237)

  - A denial of service vulnerability exists when Windows     improperly handles objects in memory. An attacker who     successfully exploited the vulnerability could cause a     target system to stop responding.  (CVE-2020-1283)

  - An elevation of privilege vulnerability exists when     Windows Error Reporting improperly handles objects in     memory.  (CVE-2020-1234)

  - A spoofing vulnerability exists when theMicrosoft Edge     (Chromium-based) in IE Mode improperly handles specific     redirects. An attacker who successfully exploits the IE     Mode vulnerability could trick a user into believing     that the user was on a legitimate website. The specially     crafted website could either spoof content or serve as a     pivot to chain an attack with other vulnerabilities in     web services.  (CVE-2020-1220)

  - An information disclosure vulnerability exists when     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1232)

  - A remote code execution vulnerability exists when the     Windows Shell does not properly validate file paths. An     attacker who successfully exploited this vulnerability     could run arbitrary code in the context of the current     user. If the current user is logged on as an     administrator, an attacker could take control of the     affected system. An attacker could then install     programs; view, change, or delete data; or create new     accounts with elevated privileges. Users whose accounts     are configured to have fewer privileges on the system     could be less impacted than users who operate with     administrative privileges.  (CVE-2020-1286)

  - An elevation of privilege vulnerability exists in     Windows Text Service Framework (TSF) when the TSF server     fails to properly handle messages sent from TSF clients.
    An attacker who successfully exploited this     vulnerability could run arbitrary code in a privileged     process. An attacker could then install programs; view,     change, or delete data; or create new accounts with full     user rights.  (CVE-2020-1314)

  - An elevation of privilege vulnerability exists when     DirectX improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in kernel mode. An attacker     could then install programs; view, change, or delete     data; or create new accounts with full user rights.
    (CVE-2020-1258)

ID	Name	Product	Family	Severity
137304	KB4557957: Windows 10 Version 2004 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high
137262	KB4561673: Windows 8.1 and Windows Server 2012 R2 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high
137261	KB4561649: Windows 10 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high
137259	KB4561621: Windows 10 Version 1803 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high
137258	KB4561616: Windows 10 Version 1607 and Windows Server 2016 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high
137257	KB4561674: Windows Server 2012 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high
137256	KB4561608: Windows 10 Version 1809 and Windows Server 2019 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high
137255	KB4561602: Windows 10 Version 1709 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high
137254	KB4560960: Windows 10 Version 1903 and Windows 10 Version 1909 June 2020 Security Update	Nessus	Windows : Microsoft Bulletins	high

CVE-2020-0986

HIGH

Description

References

Details

Risk Information

CVSS v2.0

CVSS v3.0

Vulnerable Software

Configuration 1

Tenable Plugins

high

high

high

high

high

high

high

high

high