ID de Prueba:	1.3.6.1.4.1.25623.1.0.817269
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Multiple Vulnerabilities (KB4571736)
Resumen:	This host is missing a critical security; update according to Microsoft KB4571736
Descripción:	Summary: This host is missing a critical security update according to Microsoft KB4571736 Vulnerability Insight: Multiple flaws exist due to: - An error when the Windows Print Spooler service improperly allows arbitrary writing to the file system. - An error when the Windows Kernel API fails to properly handle registry objects in memory. - An error when Windows Media Foundation fails to properly handle objects in memory. - An error in the way that the scripting engine handles objects in the memory in Internet Explorer. - An error in RPC if the server has Routing and Remote Access enabled. Please see the references for more information on the vulnerabilities. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code, elevate privileges and disclose sensitive information. Affected Software/OS: Microsoft Windows Server 2012. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1337 http://packetstormsecurity.com/files/160028/Microsoft-Windows-Local-Spooler-Bypass.html http://packetstormsecurity.com/files/160993/Microsoft-Spooler-Local-Privilege-Elevation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1337 Common Vulnerability Exposure (CVE) ID: CVE-2020-1339 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1339 Common Vulnerability Exposure (CVE) ID: CVE-2020-1377 http://packetstormsecurity.com/files/158938/Microsoft-Windows-CmpDoReDoCreateKey-Arbitrary-Registry-Key-Creation-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1377 Common Vulnerability Exposure (CVE) ID: CVE-2020-1378 http://packetstormsecurity.com/files/158939/Microsoft-Windows-CmpDoReadTxRBigLogRecord-Memory-Corruption-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1378 Common Vulnerability Exposure (CVE) ID: CVE-2020-1379 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1379 Common Vulnerability Exposure (CVE) ID: CVE-2020-1380 http://packetstormsecurity.com/files/163056/Internet-Explorer-jscript9.dll-Memory-Corruption.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1380 Common Vulnerability Exposure (CVE) ID: CVE-2020-1383 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1383 Common Vulnerability Exposure (CVE) ID: CVE-2020-1464 https://blog.virustotal.com/2019/01/distribution-of-malicious-jar-appended.html https://krebsonsecurity.com/2020/08/microsoft-put-off-fixing-zero-day-for-2-years/ https://medium.com/%40TalBeerySec/glueball-the-story-of-cve-2020-1464-50091a1f98bd https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1464 Common Vulnerability Exposure (CVE) ID: CVE-2020-1466 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1466 Common Vulnerability Exposure (CVE) ID: CVE-2020-1467 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1467 Common Vulnerability Exposure (CVE) ID: CVE-2020-1472 FEDORA-2020-0be2776ed3 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ FEDORA-2020-77c15664b0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ FEDORA-2020-a1d139381a https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ GLSA-202012-24 https://security.gentoo.org/glsa/202012-24 USN-4510-1 https://usn.ubuntu.com/4510-1/ USN-4510-2 https://usn.ubuntu.com/4510-2/ USN-4559-1 https://usn.ubuntu.com/4559-1/ VU#490028 https://www.kb.cert.org/vuls/id/490028 [debian-lts-announce] 20201123 [SECURITY] [DLA 2463-1] samba security update https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html [oss-security] 20200917 Samba and CVE-2020-1472 ("Zerologon") http://www.openwall.com/lists/oss-security/2020/09/17/2 http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 https://www.oracle.com/security-alerts/cpuApr2021.html https://www.synology.com/security/advisory/Synology_SA_20_21 openSUSE-SU-2020:1513 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html openSUSE-SU-2020:1526 http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html Common Vulnerability Exposure (CVE) ID: CVE-2020-1473 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1473 Common Vulnerability Exposure (CVE) ID: CVE-2020-1474 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1474 Common Vulnerability Exposure (CVE) ID: CVE-2020-1475 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1475 Common Vulnerability Exposure (CVE) ID: CVE-2020-1477 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1477 Common Vulnerability Exposure (CVE) ID: CVE-2020-1478 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1478 Common Vulnerability Exposure (CVE) ID: CVE-2020-1485 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1485 Common Vulnerability Exposure (CVE) ID: CVE-2020-1486 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1486 Common Vulnerability Exposure (CVE) ID: CVE-2020-1488 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1488 Common Vulnerability Exposure (CVE) ID: CVE-2020-1489 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1489 Common Vulnerability Exposure (CVE) ID: CVE-2020-1509 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1509 Common Vulnerability Exposure (CVE) ID: CVE-2020-1513 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1513 Common Vulnerability Exposure (CVE) ID: CVE-2020-1515 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1515 Common Vulnerability Exposure (CVE) ID: CVE-2020-1517 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1517 Common Vulnerability Exposure (CVE) ID: CVE-2020-1518 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1518 Common Vulnerability Exposure (CVE) ID: CVE-2020-1519 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1519 Common Vulnerability Exposure (CVE) ID: CVE-2020-1520 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1520 Common Vulnerability Exposure (CVE) ID: CVE-2020-1529 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1529 Common Vulnerability Exposure (CVE) ID: CVE-2020-1530 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1530 Common Vulnerability Exposure (CVE) ID: CVE-2020-1537 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1537 Common Vulnerability Exposure (CVE) ID: CVE-2020-1538 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1538 Common Vulnerability Exposure (CVE) ID: CVE-2020-1554 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1554 Common Vulnerability Exposure (CVE) ID: CVE-2020-1557 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1557 Common Vulnerability Exposure (CVE) ID: CVE-2020-1558 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1558 Common Vulnerability Exposure (CVE) ID: CVE-2020-1562 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1562 Common Vulnerability Exposure (CVE) ID: CVE-2020-1564 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1564 Common Vulnerability Exposure (CVE) ID: CVE-2020-1565 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1565 Common Vulnerability Exposure (CVE) ID: CVE-2020-1567 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1567 Common Vulnerability Exposure (CVE) ID: CVE-2020-1570 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1570 Common Vulnerability Exposure (CVE) ID: CVE-2020-1577 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1577 Common Vulnerability Exposure (CVE) ID: CVE-2020-1579 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1579 Common Vulnerability Exposure (CVE) ID: CVE-2020-1584 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1584 Common Vulnerability Exposure (CVE) ID: CVE-2020-1587 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1587
Copyright	Copyright (C) 2020 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.