Test Kennung:	1.3.6.1.4.1.25623.1.0.815403
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Multiple Vulnerabilities (KB4507449)
Zusammenfassung:	This host is missing a critical security; update according to Microsoft KB4507449
Beschreibung:	Summary: This host is missing a critical security update according to Microsoft KB4507449 Vulnerability Insight: Multiple flaws exist as, - Remote Desktop Services improperly handles clipboard redirection. - Scripting Engine improperly handles objects in memory in Microsoft browsers. - Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allow signing of SAML tokens with arbitrary symmetric keys. - Windows GDI component improperly handles objects in memory. - An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting. - Kernel Information Disclosure Vulnerability (SWAPGS Attack). Please see the references for more information about the vulnerabilities. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code on a victim system, obtain information to further compromise the user's system and gain elevated privileges. Affected Software/OS: - Microsoft Windows 7 for 32-bit/x64 Systems Service Pack 1 - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0683 Common Vulnerability Exposure (CVE) ID: CVE-2019-0887 BugTraq ID: 108964 http://www.securityfocus.com/bid/108964 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0887 https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ https://research.checkpoint.com/reverse-rdp-the-hyper-v-connection/ Common Vulnerability Exposure (CVE) ID: CVE-2019-1001 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1001 Common Vulnerability Exposure (CVE) ID: CVE-2019-1004 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1004 Common Vulnerability Exposure (CVE) ID: CVE-2019-1006 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006 Common Vulnerability Exposure (CVE) ID: CVE-2019-1056 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1056 Common Vulnerability Exposure (CVE) ID: CVE-2019-1059 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1059 Common Vulnerability Exposure (CVE) ID: CVE-2019-1063 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1063 Common Vulnerability Exposure (CVE) ID: CVE-2019-1071 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1071 Common Vulnerability Exposure (CVE) ID: CVE-2019-1073 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1073 Common Vulnerability Exposure (CVE) ID: CVE-2019-1082 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1082 Common Vulnerability Exposure (CVE) ID: CVE-2019-1085 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1085 Common Vulnerability Exposure (CVE) ID: CVE-2019-1088 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1088 Common Vulnerability Exposure (CVE) ID: CVE-2019-1089 http://packetstormsecurity.com/files/153683/Microsoft-Windows-RPCSS-Activation-Kernel-Security-Callback-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1089 Common Vulnerability Exposure (CVE) ID: CVE-2019-1093 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1093 Common Vulnerability Exposure (CVE) ID: CVE-2019-1094 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1094 Common Vulnerability Exposure (CVE) ID: CVE-2019-1095 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1095 Common Vulnerability Exposure (CVE) ID: CVE-2019-1096 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1096 Common Vulnerability Exposure (CVE) ID: CVE-2019-1097 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1097 Common Vulnerability Exposure (CVE) ID: CVE-2019-1098 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1098 Common Vulnerability Exposure (CVE) ID: CVE-2019-1099 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1099 Common Vulnerability Exposure (CVE) ID: CVE-2019-1100 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1100 Common Vulnerability Exposure (CVE) ID: CVE-2019-1101 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1101 Common Vulnerability Exposure (CVE) ID: CVE-2019-1102 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1102 Common Vulnerability Exposure (CVE) ID: CVE-2019-1104 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104 Common Vulnerability Exposure (CVE) ID: CVE-2019-1108 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1108 Common Vulnerability Exposure (CVE) ID: CVE-2019-1116 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1116 Common Vulnerability Exposure (CVE) ID: CVE-2019-1125 RHBA-2019:2824 https://access.redhat.com/errata/RHBA-2019:2824 RHBA-2019:3248 https://access.redhat.com/errata/RHBA-2019:3248 RHSA-2019:2600 https://access.redhat.com/errata/RHSA-2019:2600 RHSA-2019:2609 https://access.redhat.com/errata/RHSA-2019:2609 RHSA-2019:2695 https://access.redhat.com/errata/RHSA-2019:2695 RHSA-2019:2696 https://access.redhat.com/errata/RHSA-2019:2696 RHSA-2019:2730 https://access.redhat.com/errata/RHSA-2019:2730 RHSA-2019:2899 https://access.redhat.com/errata/RHSA-2019:2899 RHSA-2019:2900 https://access.redhat.com/errata/RHSA-2019:2900 RHSA-2019:2975 https://access.redhat.com/errata/RHSA-2019:2975 RHSA-2019:3011 https://access.redhat.com/errata/RHSA-2019:3011 RHSA-2019:3220 https://access.redhat.com/errata/RHSA-2019:3220 http://packetstormsecurity.com/files/156337/SWAPGS-Attack-Proof-Of-Concept.html http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-swapgs-en https://kc.mcafee.com/corporate/index?page=content&id=SB10297 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125 https://www.synology.com/security/advisory/Synology_SA_19_32 Common Vulnerability Exposure (CVE) ID: CVE-2019-1132 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1132
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.