Microsoft: >> Windows Server 2016 >> 1803 Security Vulnerabilities
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features.
To exploit this vulnerability, the attacker would need to tamper with the NTLM exchange. The attacker could then modify flags of the NTLM packet without invalidating the signature.
The update addresses the vulnerability by hardening NTLM MIC protection on the server-side.
CVSS Score
5.9
EPSS Score
0.897
Published
2019-06-12
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system.
The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-06-12
A remote code execution vulnerability exists in the way that comctl32.dll handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email.
The security update addresses the vulnerability by modifying how comctl32.dll handles objects in memory.
CVSS Score
6.8
EPSS Score
0.025
Published
2019-06-12
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.
The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.
CVSS Score
5.5
EPSS Score
0.076
Published
2019-06-12
An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system.
There are multiple ways an attacker could exploit the vulnerability, such as by convincing a user to open a specially crafted document, or by convincing a user to visit an untrusted webpage.
The security update addresses the vulnerability by correcting how the Windows GDI component handles objects in memory.
CVSS Score
6.5
EPSS Score
0.076
Published
2019-06-12
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.
To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application.
The security update addresses the vulnerability by correcting how the Storage Services handles file operations.
CVSS Score
7.8
EPSS Score
0.007
Published
2019-06-12
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system.
The security update addresses the vulnerability by correcting how CLFS handles objects in memory.
CVSS Score
7.8
EPSS Score
0.002
Published
2019-06-12
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.
To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing.
The security update addresses the vulnerability by correcting how the Windows User Profile Service handles symlinks.
CVSS Score
7.1
EPSS Score
0.037
Published
2019-06-12
An elevation of privilege vulnerability exists when the Storage Service improperly handles file operations. An attacker who successfully exploited this vulnerability could gain elevated privileges on the victim system.
To exploit the vulnerability, an attacker would first have to gain execution on the victim system, then run a specially crafted application.
The security update addresses the vulnerability by correcting how the Storage Services handles file operations.
CVSS Score
7.8
EPSS Score
0.007
Published
2019-06-12
An elevation of privilege exists in Windows Audio Service. An attacker who successfully exploited the vulnerability could run arbitrary code with elevated privileges.
To exploit the vulnerability, an attacker could run a specially crafted application that could exploit the vulnerability. This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running.
The update addresses the vulnerability by correcting how the Windows Audio Service handles processes these requests.
CVSS Score
7.8
EPSS Score
0.003
Published
2019-06-12