Test Kennung:	1.3.6.1.4.1.25623.1.0.814692
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Multiple Vulnerabilities (KB4489899)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft KB4489899
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft KB4489899 Vulnerability Insight: Multiple flaws exist due to: - Microsoft Edge does not properly enforce cross-domain policies. - The scripting engine improperly handles objects in memory in Microsoft Edge and browsers. - Click2Play protection in Microsoft Edge improperly handles flash objects. - The ChakraCore scripting engine improperly handles objects in memory. - The Windows Jet Database Engine improperly handles objects in memory. - The Windows GDI component improperly discloses the contents of its memory. - The Windows kernel improperly handles objects in memory. - The win32k component improperly provides kernel information. - The Microsoft XML Core Services MSXML parser improperly processes user input. - The Win32k component fails to properly handle objects in memory. - The Windows Print Spooler does not properly handle objects in memory. - An integer overflow in Windows Subsystem for Linux. - Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. - Windows kernel fails to properly handle objects in memory. - Windows DHCP client does not validate specially crafted DHCP responses to a client. - Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. - Windows SMB Server improperly handles certain requests. - Windows Deployment Services TFTP Server improperly handles objects in memory. - Windows AppX Deployment Server allows file creation in arbitrary locations. - Windows kernel improperly initializes objects in memory. - Microsoft browsers improperly handle requests of different origins. - Internet Explorer improperly accesses objects in memory. - The VBScript engine handles improperly objects in memory. - Internet Explorer fails to validate the correct Security Zone of requests for specific URLs. - Windows kernel fails to properly initialize a memory address. - The ActiveX Data objects (ADO) improperly handles objects in memory. - Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, and to allow requests that should otherwise be ignored. Vulnerability Impact: Successful exploitation will allow an attacker to elevate privileges, gain the same user rights as the current user, run arbitrary code on a target system, obtain information to further compromise the user's system and cause the host server to crash. Affected Software/OS: - Microsoft Windows 10 Version 1809 for 32-bit Systems and - Microsoft Windows 10 Version 1809 for x64-based Systems Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0592 Common Vulnerability Exposure (CVE) ID: CVE-2019-0603 Common Vulnerability Exposure (CVE) ID: CVE-2019-0609 Common Vulnerability Exposure (CVE) ID: CVE-2019-0780 Common Vulnerability Exposure (CVE) ID: CVE-2019-0782 Common Vulnerability Exposure (CVE) ID: CVE-2019-0783 Common Vulnerability Exposure (CVE) ID: CVE-2019-0611 Common Vulnerability Exposure (CVE) ID: CVE-2019-0612 Common Vulnerability Exposure (CVE) ID: CVE-2019-0614 Common Vulnerability Exposure (CVE) ID: CVE-2019-0784 Common Vulnerability Exposure (CVE) ID: CVE-2019-0797 Common Vulnerability Exposure (CVE) ID: CVE-2019-0821 Common Vulnerability Exposure (CVE) ID: CVE-2019-0678 Common Vulnerability Exposure (CVE) ID: CVE-2019-0680 Common Vulnerability Exposure (CVE) ID: CVE-2019-0682 Common Vulnerability Exposure (CVE) ID: CVE-2019-0689 Common Vulnerability Exposure (CVE) ID: CVE-2019-0690 Common Vulnerability Exposure (CVE) ID: CVE-2019-0692 Common Vulnerability Exposure (CVE) ID: CVE-2019-0693 Common Vulnerability Exposure (CVE) ID: CVE-2019-0694 Common Vulnerability Exposure (CVE) ID: CVE-2019-0695 Common Vulnerability Exposure (CVE) ID: CVE-2019-0696 Common Vulnerability Exposure (CVE) ID: CVE-2019-0697 Common Vulnerability Exposure (CVE) ID: CVE-2019-0698 Common Vulnerability Exposure (CVE) ID: CVE-2019-0701 Common Vulnerability Exposure (CVE) ID: CVE-2019-0702 Common Vulnerability Exposure (CVE) ID: CVE-2019-0703 Common Vulnerability Exposure (CVE) ID: CVE-2019-0704 Common Vulnerability Exposure (CVE) ID: CVE-2019-0726 Common Vulnerability Exposure (CVE) ID: CVE-2019-0746 Common Vulnerability Exposure (CVE) ID: CVE-2019-0754 Common Vulnerability Exposure (CVE) ID: CVE-2019-0755 http://packetstormsecurity.com/files/153407/Microsoft-Windows-CmpAddRemoveContainerToCLFSLog-Arbitrary-File-Directory-Creation.html http://packetstormsecurity.com/files/153408/Microsoft-Windows-Font-Cache-Service-Insecure-Sections.html Common Vulnerability Exposure (CVE) ID: CVE-2019-0756 Common Vulnerability Exposure (CVE) ID: CVE-2019-0759 Common Vulnerability Exposure (CVE) ID: CVE-2019-0761 Common Vulnerability Exposure (CVE) ID: CVE-2019-0762 Common Vulnerability Exposure (CVE) ID: CVE-2019-0763 Common Vulnerability Exposure (CVE) ID: CVE-2019-0765 Common Vulnerability Exposure (CVE) ID: CVE-2019-0766 Common Vulnerability Exposure (CVE) ID: CVE-2019-0767 Common Vulnerability Exposure (CVE) ID: CVE-2019-0768 Common Vulnerability Exposure (CVE) ID: CVE-2019-0769 Common Vulnerability Exposure (CVE) ID: CVE-2019-0771 Common Vulnerability Exposure (CVE) ID: CVE-2019-0772 Common Vulnerability Exposure (CVE) ID: CVE-2019-0773 Common Vulnerability Exposure (CVE) ID: CVE-2019-0774 Common Vulnerability Exposure (CVE) ID: CVE-2019-0775 Common Vulnerability Exposure (CVE) ID: CVE-2019-0776 Common Vulnerability Exposure (CVE) ID: CVE-2019-0617 Common Vulnerability Exposure (CVE) ID: CVE-2019-0639 https://www.zerodayinitiative.com/advisories/ZDI-20-122/ Common Vulnerability Exposure (CVE) ID: CVE-2019-0665 Common Vulnerability Exposure (CVE) ID: CVE-2019-0666 Common Vulnerability Exposure (CVE) ID: CVE-2019-0667 Common Vulnerability Exposure (CVE) ID: CVE-2019-0601 BugTraq ID: 106883 http://www.securityfocus.com/bid/106883
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.