Microsoft: >> Windows 10 >> 1803 Security Vulnerabilities
Remote Desktop Protocol Server Information Disclosure Vulnerability
CVSS Score
7.7
EPSS Score
0.043
Published
2020-11-11
DirectX Elevation of Privilege Vulnerability
CVSS Score
7.0
EPSS Score
0.004
Published
2020-11-11
Windows WalletService Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.005
Published
2020-11-11
Remote Desktop Protocol Client Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.006
Published
2020-11-11
Windows Print Spooler Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.006
Published
2020-11-11
Windows Graphics Component Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.005
Published
2020-11-11
<p>An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.</p>
<p>To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges.</p>
<p>The security update addresses the vulnerability by correcting how the Windows Backup Service handles file operations.</p>
CVSS Score
7.8
EPSS Score
0.005
Published
2020-10-16
<p>A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code.</p>
<p>Exploitation of the vulnerability requires that a program process a specially crafted image file.</p>
<p>The update addresses the vulnerability by correcting how Microsoft Windows Codecs Library handles objects in memory.</p>
CVSS Score
7.8
EPSS Score
0.083
Published
2020-10-16
<p>An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.</p>
<p>This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running.</p>
<p>The update addresses the vulnerabilities by correcting how Windows Hyper-V handles objects in memory.</p>
CVSS Score
7.8
EPSS Score
0.007
Published
2020-10-16
<p>An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could gain elevated privileges on a target operating system.</p>
<p>This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running.</p>
<p>The update addresses the vulnerabilities by correcting how Windows Hyper-V handles objects in memory.</p>
CVSS Score
8.8
EPSS Score
0.007
Published
2020-10-16