ID de Prueba:	1.3.6.1.4.1.25623.1.0.815514
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Multiple Vulnerabilities (KB4507462)
Resumen:	This host is missing a critical security; update according to Microsoft KB4480963
Descripción:	Summary: This host is missing a critical security update according to Microsoft KB4480963 Vulnerability Insight: Multiple flaws exist due to: - DHCP failover servers improperly handle network packets. - splwow64.exe improperly handles certain calls. - Remote Desktop Services improperly handles clipboard redirection. - Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allow signing of SAML tokens with arbitrary symmetric keys. - Kernel Information Disclosure Vulnerability (SWAPGS Attack). Please see the references for more information about the vulnerabilities. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code, elevate privileges, bypass authentication and disclose sensitive information. Affected Software/OS: Microsoft Windows Server 2012. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0683 Common Vulnerability Exposure (CVE) ID: CVE-2019-0785 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0785 Common Vulnerability Exposure (CVE) ID: CVE-2019-0880 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0880 Common Vulnerability Exposure (CVE) ID: CVE-2019-0887 BugTraq ID: 108964 http://www.securityfocus.com/bid/108964 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0887 https://research.checkpoint.com/reverse-rdp-attack-code-execution-on-rdp-clients/ https://research.checkpoint.com/reverse-rdp-the-hyper-v-connection/ Common Vulnerability Exposure (CVE) ID: CVE-2019-1004 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1004 Common Vulnerability Exposure (CVE) ID: CVE-2019-1006 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1006 Common Vulnerability Exposure (CVE) ID: CVE-2019-1059 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1059 Common Vulnerability Exposure (CVE) ID: CVE-2019-1063 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1063 Common Vulnerability Exposure (CVE) ID: CVE-2019-1071 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1071 Common Vulnerability Exposure (CVE) ID: CVE-2019-1073 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1073 Common Vulnerability Exposure (CVE) ID: CVE-2019-1082 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1082 Common Vulnerability Exposure (CVE) ID: CVE-2019-1085 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1085 Common Vulnerability Exposure (CVE) ID: CVE-2019-1088 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1088 Common Vulnerability Exposure (CVE) ID: CVE-2019-1089 http://packetstormsecurity.com/files/153683/Microsoft-Windows-RPCSS-Activation-Kernel-Security-Callback-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1089 Common Vulnerability Exposure (CVE) ID: CVE-2019-1093 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1093 Common Vulnerability Exposure (CVE) ID: CVE-2019-1094 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1094 Common Vulnerability Exposure (CVE) ID: CVE-2019-1095 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1095 Common Vulnerability Exposure (CVE) ID: CVE-2019-1096 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1096 Common Vulnerability Exposure (CVE) ID: CVE-2019-1097 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1097 Common Vulnerability Exposure (CVE) ID: CVE-2019-1102 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1102 Common Vulnerability Exposure (CVE) ID: CVE-2019-1104 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1104 Common Vulnerability Exposure (CVE) ID: CVE-2019-1108 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1108 Common Vulnerability Exposure (CVE) ID: CVE-2019-1125 RHBA-2019:2824 https://access.redhat.com/errata/RHBA-2019:2824 RHBA-2019:3248 https://access.redhat.com/errata/RHBA-2019:3248 RHSA-2019:2600 https://access.redhat.com/errata/RHSA-2019:2600 RHSA-2019:2609 https://access.redhat.com/errata/RHSA-2019:2609 RHSA-2019:2695 https://access.redhat.com/errata/RHSA-2019:2695 RHSA-2019:2696 https://access.redhat.com/errata/RHSA-2019:2696 RHSA-2019:2730 https://access.redhat.com/errata/RHSA-2019:2730 RHSA-2019:2899 https://access.redhat.com/errata/RHSA-2019:2899 RHSA-2019:2900 https://access.redhat.com/errata/RHSA-2019:2900 RHSA-2019:2975 https://access.redhat.com/errata/RHSA-2019:2975 RHSA-2019:3011 https://access.redhat.com/errata/RHSA-2019:3011 RHSA-2019:3220 https://access.redhat.com/errata/RHSA-2019:3220 http://packetstormsecurity.com/files/156337/SWAPGS-Attack-Proof-Of-Concept.html http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-swapgs-en https://kc.mcafee.com/corporate/index?page=content&id=SB10297 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125 https://www.synology.com/security/advisory/Synology_SA_19_32 Common Vulnerability Exposure (CVE) ID: CVE-2019-1130 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1130
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.