The remote Windows host is missing security update 4571694.
It is, therefore, affected by multiple vulnerabilities :

  - A memory corruption vulnerability exists when Windows     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited the vulnerability     could install programs; view, change, or delete data; or     create new accounts with full user rights. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media     Foundation handles objects in memory. (CVE-2020-1379,     CVE-2020-1477, CVE-2020-1478, CVE-2020-1492,     CVE-2020-1525, CVE-2020-1554)

  - A remote code execution vulnerability exists when     Windows Media Audio Codec improperly handles objects. An     attacker who successfully exploited the vulnerability     could take control of an affected system. There are     multiple ways an attacker could exploit the     vulnerability, such as by convincing a user to open a     specially crafted document, or by convincing a user to     visit a malicious webpage. The security update addresses     the vulnerability by correcting how Windows Media Audio     Codec handles objects. (CVE-2020-1339)

  - An elevation of privilege vulnerability exists when     Connected User Experiences and Telemetry Service     improperly handles file operations. An attacker who     successfully exploited this vulnerability could run     processes in an elevated context. An attacker could     exploit this vulnerability by running a specially     crafted application on the victim system. The security     update addresses the vulnerability by correcting how the     Connected User Experiences and Telemetry Service handles     file operations. (CVE-2020-1511)

  - An elevation of privilege vulnerability exists in the     way that the srmsvc.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1475)

  - An elevation of privilege vulnerability exists when the     Windows CDP User Components improperly handle memory.
    (CVE-2020-1549, CVE-2020-1550)

  - An information disclosure vulnerability exists when     DirectWrite improperly discloses the contents of its     memory. An attacker who successfully exploited the     vulnerability could obtain information to further     compromise the users system. There are multiple ways an     attacker could exploit the vulnerability, such as by     convincing a user to open a specially crafted document,     or by convincing a user to visit an untrusted webpage.
    The security update addresses the vulnerability by     correcting how DirectWrite handles objects in memory.
    (CVE-2020-1577)

  - An elevation of privilege vulnerability exists when the     Windows Network Connection Broker improperly handles     memory.  (CVE-2020-1526)

  - An information disclosure vulnerability exists in RPC if     the server has Routing and Remote Access enabled. An     attacker who successfully exploited this vulnerability     could obtain information to further compromise the users     system  (CVE-2020-1383)

  - An elevation of privilege vulnerability exists when the     Windows Work Folders Service improperly handles memory.
    (CVE-2020-1470, CVE-2020-1484, CVE-2020-1516)

  - An elevation of privilege vulnerability exists when the     Windows Custom Protocol Engine improperly handles     memory.  (CVE-2020-1527)

  - An elevation of privilege vulnerability exists when the     Storage Service improperly handles file operations. An     attacker who successfully exploited this vulnerability     could gain elevated privileges on the victim system.
    (CVE-2020-1490)

  - An elevation of privilege vulnerability exists when the     Windows Speech Runtime improperly handles memory.
    (CVE-2020-1521, CVE-2020-1522)

  - An elevation of privilege vulnerability exists when the     Windows CSC Service improperly handles memory.
    (CVE-2020-1489, CVE-2020-1513)

  - An elevation of privilege vulnerability exists when the     Windows Accounts Control improperly handles memory.
    (CVE-2020-1531)

  - An elevation of privilege vulnerability exists when     Windows improperly handles hard links. An attacker who     successfully exploited this vulnerability could     overwrite a targeted file leading to an elevated status.
    (CVE-2020-1467)

  - A denial of service vulnerability exists in Windows     Remote Desktop Gateway (RD Gateway) when an attacker     connects to the target system using RDP and sends     specially crafted requests. An attacker who successfully     exploited this vulnerability could cause the RD Gateway     service on the target system to stop responding.
    (CVE-2020-1466)

  - An elevation of privilege vulnerability exists in the     Local Security Authority Subsystem Service (LSASS) when     an authenticated attacker sends a specially crafted     authentication request. A remote attacker who     successfully exploited this vulnerability could cause an     elevation of privilege on the target system's LSASS     service. The security update addresses the vulnerability     by changing the way that LSASS handles specially crafted     authentication requests. (CVE-2020-1509)

  - A remote code execution vulnerability exists when the     Windows Font Driver Host improperly handles memory. An     attacker who successfully exploited the vulnerability     would gain execution on a victim system. The security     update addresses the vulnerability by correcting how the     Windows Font Driver Host handles memory. (CVE-2020-1520)

  - An elevation of privilege vulnerability exists when the     Windows UPnP Device Host improperly handles memory.
    (CVE-2020-1519, CVE-2020-1538)

  - An information disclosure vulnerability exists when the     Windows State Repository Service improperly handles     objects in memory. An attacker who successfully     exploited this vulnerability could obtain information to     further compromise the users system. An attacker could     exploit this vulnerability by running a specially     crafted application on the victim system. The update     addresses the vulnerability by correcting the way the     Windows State Repository Service handles objects in     memory. (CVE-2020-1512)

  - An elevation of privilege vulnerability exists when the     Windows Telephony Server improperly handles memory.
    (CVE-2020-1515)

  - An information disclosure vulnerability exists when     Media Foundation improperly handles objects in memory.
    An attacker who successfully exploited this     vulnerability could obtain information to further     compromise the users system.  (CVE-2020-1487)

  - An elevation of privilege vulnerability exists when the     Windows kernel fails to properly handle objects in     memory. An attacker who successfully exploited this     vulnerability could run arbitrary code in kernel mode.
    An attacker could then install programs; view, change,     or delete data; or create new accounts with full user     rights.  (CVE-2020-1486, CVE-2020-1566)

  - An elevation of privilege vulnerability exists when the     Windows File Server Resource Management Service     improperly handles memory.  (CVE-2020-1517,     CVE-2020-1518)

  - An elevation of privilege vulnerability exists in the     way that the dnsrslvr.dll handles objects in memory. An     attacker who successfully exploited the vulnerability     could execute code with elevated permissions.
    (CVE-2020-1584)

  - An elevation of privilege vulnerability exists when the     Windows Runtime improperly handles objects in memory. An     attacker who successfully exploited this vulnerability     could run arbitrary code in an elevated context. An     attacker could exploit this vulnerability by running a     specially crafted application on the victim system. The     update addresses the vulnerability by correcting the way     the Windows Runtime handles objects in memory.
    (CVE-2020-1553)

  - An elevation of privilege vulnerability exists when     ASP.NET or .NET web applications running on IIS     improperly allow access to cached files. An attacker who     successfully exploited this vulnerability could gain     access to restricted files.  (CVE-2020-1476)

  - An elevation of privilege vulnerability exists when the     Windows Remote Access improperly handles file     operations. An attacker who successfully exploited this     vulnerability could gain elevated privileges.
    (CVE-2020-1537)

  - An elevation of privilege vulnerability exists when the     &quot;Public Account Pictures&quot; folder improperly     handles junctions.  (CVE-2020-1565)

  - An elevation of privilege vulnerability exists when the     Windows Backup Service improperly handles file     operations.  (CVE-2020-1534)

  - A remote code execution vulnerability exists when     Microsoft Edge PDF Reader improperly handles objects in     memory. The vulnerability could corrupt memory in such a     way that enables an attacker to execute arbitrary code     in the context of the current user. An attacker who     successfully exploited the vulnerability could gain the     same user rights as the current user. If the current     user is logged on with administrative user rights, an     attacker could take control of an affected system. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights.  (CVE-2020-1568)

  - An elevation of privilege vulnerability exists when an     attacker establishes a vulnerable Netlogon secure     channel connection to a domain controller, using the     Netlogon Remote Protocol (MS-NRPC). An attacker who     successfully exploited the vulnerability could run a     specially crafted application on a device on the     network.  (CVE-2020-1472)

  - An elevation of privilege vulnerability exists when the     Windows Kernel API improperly handles registry objects     in memory. An attacker who successfully exploited the     vulnerability could gain elevated privileges on a     targeted system. A locally authenticated attacker could     exploit this vulnerability by running a specially     crafted application. The security update addresses the     vulnerability by helping to ensure that the Windows     Kernel API properly handles objects in memory.
    (CVE-2020-1377, CVE-2020-1378)

  - An elevation of privilege vulnerability exists when the     Windows Print Spooler service improperly allows     arbitrary writing to the file system. An attacker who     successfully exploited this vulnerability could run     arbitrary code with elevated system privileges. An     attacker could then install programs; view, change, or     delete data; or create new accounts with full user     rights.  (CVE-2020-1337)

  - An information disclosure vulnerability exists when the     Windows Image Acquisition (WIA) Service improperly     discloses contents of its memory. An attacker who     successfully exploited the vulnerability could obtain     information to further compromise the users system.
    (CVE-2020-1474, CVE-2020-1485)

  - An elevation of privilege vulnerability exists when the     Windows Ancillary Function Driver for WinSock improperly     handles memory.  (CVE-2020-1587)

  - A remote code execution vulnerability exists when the     Windows Jet Database Engine improperly handles objects     in memory. An attacker who successfully exploited this     vulnerability could execute arbitrary code on a victim     system. An attacker could exploit this vulnerability by     enticing a victim to open a specially crafted file. The     update addresses the vulnerability by correcting the way     the Windows Jet Database Engine handles objects in     memory. (CVE-2020-1473, CVE-2020-1557, CVE-2020-1558,     CVE-2020-1564)

  - A remote code execution vulnerability exists when     Microsoft .NET Framework processes input. An attacker     who successfully exploited this vulnerability could take     control of an affected system.  (CVE-2020-1046)

  - An elevation of privilege vulnerability exists in the     way that the Windows WalletService handles objects in     memory. An attacker who successfully exploited the     vulnerability could execute code with elevated     permissions.  (CVE-2020-1533, CVE-2020-1556)

  - An elevation of privilege vulnerability exists in the     way that the Windows Graphics Device Interface (GDI)     handles objects in memory. An attacker who successfully     exploited this vulnerability could run arbitrary code in     kernel mode. An attacker could then install programs;
    view, change, or delete data; or create new accounts     with full user rights.  (CVE-2020-1529)

  - A remote code execution vulnerability exists in the way     that the scripting engine handles objects in memory in     Internet Explorer. The vulnerability could corrupt     memory in such a way that an attacker could execute     arbitrary code in the context of the current user. An     attacker who successfully exploited the vulnerability     could gain the same user rights as the current user.
    (CVE-2020-1380, CVE-2020-1570)

  - An elevation of privilege vulnerability exists when the     Windows AppX Deployment Extensions improperly performs     privilege management, resulting in access to system     files.  (CVE-2020-1488)

  - An elevation of privilege vulnerability exists when the     Windows Function Discovery SSDP Provider improperly     handles memory.  (CVE-2020-1579)

  - A remote code execution vulnerability exists in the way     that Microsoft Graphics Components handle objects in     memory. An attacker who successfully exploited the     vulnerability could execute arbitrary code on a target     system.  (CVE-2020-1561, CVE-2020-1562)

  - An elevation of privilege vulnerability exists when the     Windows Work Folder Service improperly handles file     operations. An attacker who successfully exploited this     vulnerability could run processes in an elevated     context. An attacker could exploit this vulnerability by     running a specially crafted application on the victim     system. The update addresses the vulnerability by     correcting the way the Windows Work Folder Service     handles file operations. (CVE-2020-1552)

  - An elevation of privilege vulnerability exists when     Windows Remote Access improperly handles memory.
    (CVE-2020-1530)

  - A remote code execution vulnerability exists in the way     that the MSHTML engine improperly validates input. An     attacker could execute arbitrary code in the context of     the current user.  (CVE-2020-1567)

  - A spoofing vulnerability exists when Windows incorrectly     validates file signatures. An attacker who successfully     exploited this vulnerability could bypass security     features and load improperly signed files. In an attack     scenario, an attacker could bypass security features     intended to prevent improperly signed files from being     loaded. The update addresses the vulnerability by     correcting how Windows validates file signatures.
    (CVE-2020-1464)

Detections

Analytics

Plugins Search

critical