KB4586785: Windows 10 Version 1803 November 2020 Security Update

critical Nessus Plugin ID 142682

Synopsis

The remote Windows host is affected by multiple vulnerabilities.

Description

The Microsoft 4586785 Product is missing security updates.

- Remote Desktop Protocol Server Information Disclosure Vulnerability (CVE-2020-16997)

- DirectX Elevation of Privilege Vulnerability (CVE-2020-16998)

- Windows WalletService Information Disclosure Vulnerability (CVE-2020-16999)

- Remote Desktop Protocol Client Information Disclosure Vulnerability (CVE-2020-17000)

- Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17014.
(CVE-2020-17001)

- Windows Graphics Component Information Disclosure Vulnerability (CVE-2020-17004)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044. (CVE-2020-17055)

- Windows Network File System Information Disclosure Vulnerability (CVE-2020-17056)

- Windows Win32k Elevation of Privilege Vulnerability (CVE-2020-17057)

- Windows GDI+ Remote Code Execution Vulnerability (CVE-2020-17068)

- Windows NDIS Information Disclosure Vulnerability (CVE-2020-17069)

- Windows Update Medic Service Elevation of Privilege Vulnerability (CVE-2020-17070)

- Windows Delivery Optimization Information Disclosure Vulnerability (CVE-2020-17071)

- Windows USO Core Worker Elevation of Privilege Vulnerability (CVE-2020-17075)

- Windows Update Stack Elevation of Privilege Vulnerability (CVE-2020-17077)

- Windows Kernel Local Elevation of Privilege Vulnerability (CVE-2020-17087)

- Windows Common Log File System Driver Elevation of Privilege Vulnerability (CVE-2020-17088)

- Microsoft Defender for Endpoint Security Feature Bypass Vulnerability (CVE-2020-17090)

- Windows Camera Codec Information Disclosure Vulnerability (CVE-2020-17113)

- Windows Spoofing Vulnerability (CVE-2020-1599)

- Windows Error Reporting Elevation of Privilege Vulnerability (CVE-2020-17007)

- Windows Port Class Library Elevation of Privilege Vulnerability (CVE-2020-17011)

- Windows Bind Filter Driver Elevation of Privilege Vulnerability (CVE-2020-17012)

- Win32k Information Disclosure Vulnerability (CVE-2020-17013)

- Windows Print Spooler Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17001.
(CVE-2020-17014)

- Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability (CVE-2020-17024)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17025)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17026)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17027)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17028)

- Windows Canonical Display Driver Information Disclosure Vulnerability (CVE-2020-17029)

- Windows MSCTF Server Information Disclosure Vulnerability (CVE-2020-17030)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17031)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17032)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17034, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17033)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17043, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17034)

- Windows Kernel Elevation of Privilege Vulnerability (CVE-2020-17035)

- Windows Function Discovery SSDP Provider Information Disclosure Vulnerability (CVE-2020-17036)

- Windows WalletService Elevation of Privilege Vulnerability (CVE-2020-17037)

- Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17010. (CVE-2020-17038)

- Windows Hyper-V Security Feature Bypass Vulnerability (CVE-2020-17040)

- Windows Print Configuration Elevation of Privilege Vulnerability (CVE-2020-17041)

- Windows Print Spooler Remote Code Execution Vulnerability (CVE-2020-17042)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17044, CVE-2020-17055. (CVE-2020-17043)

- Windows Remote Access Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17043, CVE-2020-17055. (CVE-2020-17044)

- Windows KernelStream Information Disclosure Vulnerability (CVE-2020-17045)

- Windows Error Reporting Denial of Service Vulnerability (CVE-2020-17046)

- Windows Network File System Denial of Service Vulnerability (CVE-2020-17047)

- Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17054.
(CVE-2020-17048)

- Scripting Engine Memory Corruption Vulnerability (CVE-2020-17052)

- Internet Explorer Memory Corruption Vulnerability (CVE-2020-17053)

- Chakra Scripting Engine Memory Corruption Vulnerability This CVE ID is unique from CVE-2020-17048.
(CVE-2020-17054)

- Microsoft Browser Memory Corruption Vulnerability (CVE-2020-17058)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Apply Cumulative Update KB4586785.

See Also

http://www.nessus.org/u?e7865164

Plugin Details

Severity: Critical

ID: 142682

File Name: smb_nt_ms20_nov_4586785.nasl

Version: 1.11

Type: local

Agent: windows

Published: 11/10/2020

Updated: 5/11/2022

Supported Sensors: Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure

Risk Information

VPR

Risk Factor: Critical

Score: 9.6

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 8.1

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C

CVSS Score Source: CVE-2020-17042

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:H/RL:O/RC:C

CVSS Score Source: CVE-2020-17090

Vulnerability Information

CPE: cpe:/o:microsoft:windows

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/10/2020

Vulnerability Publication Date: 11/10/2020

CISA Known Exploited Dates: 5/3/2022

Reference Information

CVE: CVE-2020-1599, CVE-2020-16997, CVE-2020-16998, CVE-2020-16999, CVE-2020-17000, CVE-2020-17001, CVE-2020-17004, CVE-2020-17007, CVE-2020-17011, CVE-2020-17012, CVE-2020-17013, CVE-2020-17014, CVE-2020-17024, CVE-2020-17025, CVE-2020-17026, CVE-2020-17027, CVE-2020-17028, CVE-2020-17029, CVE-2020-17030, CVE-2020-17031, CVE-2020-17032, CVE-2020-17033, CVE-2020-17034, CVE-2020-17035, CVE-2020-17036, CVE-2020-17037, CVE-2020-17038, CVE-2020-17040, CVE-2020-17041, CVE-2020-17042, CVE-2020-17043, CVE-2020-17044, CVE-2020-17045, CVE-2020-17046, CVE-2020-17047, CVE-2020-17048, CVE-2020-17052, CVE-2020-17053, CVE-2020-17054, CVE-2020-17055, CVE-2020-17056, CVE-2020-17057, CVE-2020-17058, CVE-2020-17068, CVE-2020-17069, CVE-2020-17070, CVE-2020-17071, CVE-2020-17075, CVE-2020-17077, CVE-2020-17087, CVE-2020-17088, CVE-2020-17090, CVE-2020-17113

MSKB: 4586785

MSFT: MS20-4586785

IAVA: 2020-A-0512-S, 2020-A-0518-S, 2020-A-0521-S