| VID |
26839 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
Microsoft Security Update for January 2020 is not installed.
- An information disclosure vulnerability exists when Remote Desktop Web Access improperly handles credential information. (CVE-2020-0637)
- An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory. (CVE-2020-0615, CVE-2020-0639)
- An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. (CVE-2020-0642)
- A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. (CVE-2020-0605, CVE-2020-0606)
- An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links. (CVE-2020-0635)
- An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system. (CVE-2020-0643)
- A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. (CVE-2020-0640)
- An information disclosure vulnerability exists when the win32k component improperly provides kernel information. (CVE-2020-0608)
- An elevation of privilege vulnerability exists when Microsoft Cryptographic Services improperly handles files. (CVE-2020-0620)
- An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. (CVE-2020-0634)
- An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory. (CVE-2020-0625~0632)
- An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. (CVE-2020-0607)
- A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly. (CVE-2020-0646)
- A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. (CVE-2020-0611)
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of this condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
https://support.microsoft.com/en-us/help/4534310
https://support.microsoft.com/en-us/help/4534314
* Platforms Affected:
Windows Server 2008 SP2
Windows Server 2008 x64 SP2
Windows Server 2008 R2 SP1
Windows Server 2008 R2 x64 SP1
Windows 8.1
Windows Server 2012
Windows Server 2012 R2
Windows 10
Windows Server 2016 |
| Recommendation |
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin January 2020 Microsoft security update at
https://support.microsoft.com/en-us/help/4534310
https://support.microsoft.com/en-us/help/4534314
-- OR --
Patches for Windows platforms are also available from the Microsoft Windows Update Web site, http://windowsupdate.microsoft.com. Windows Update detects what version of Windows you are running and offers the appropriate patch. |
| Related URL |
CVE-2020-0605,CVE-2020-0606,CVE-2020-0607,CVE-2020-0608,CVE-2020-0611,CVE-2020-0615,CVE-2020-0620,CVE-2020-0625,CVE-2020-0626,CVE-2020-0627 (CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
