Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2019-12-10 |
| Product | Windows Server 2016 | Last view | 2020-10-16 |
| Version | 1909 | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:microsoft:windows_server_2016 | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2020-10-16 | CVE-2020-16980 | An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations, aka 'Windows iSCSI Target Service Elevation of Privilege Vulnerability'. |
| 7.8 | 2020-10-16 | CVE-2020-16976 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975. |
| 7.8 | 2020-10-16 | CVE-2020-16975 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16976. |
| 7.8 | 2020-10-16 | CVE-2020-16974 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16972, CVE-2020-16973, CVE-2020-16975, CVE-2020-16976. |
| 7.8 | 2020-10-16 | CVE-2020-16973 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16972, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976. |
| 7.8 | 2020-10-16 | CVE-2020-16972 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16936, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976. |
| 7.5 | 2020-10-16 | CVE-2020-16949 | A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Denial of Service Vulnerability'. |
| 5.5 | 2020-10-16 | CVE-2020-16940 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points, aka 'Windows - User Profile Service Elevation of Privilege Vulnerability'. |
| 7.8 | 2020-10-16 | CVE-2020-16939 | An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'. |
| 7.8 | 2020-10-16 | CVE-2020-16936 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16912, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976. |
| 7.8 | 2020-10-16 | CVE-2020-16935 | An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16916. |
| 8.8 | 2020-10-16 | CVE-2020-16933 | A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files, aka 'Microsoft Word Security Feature Bypass Vulnerability'. |
| 7.5 | 2020-10-16 | CVE-2020-16927 | A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'. |
| 7.8 | 2020-10-16 | CVE-2020-16924 | A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. |
| 7.8 | 2020-10-16 | CVE-2020-16923 | A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1167. |
| 5.5 | 2020-10-16 | CVE-2020-16922 | A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'. |
| 5.5 | 2020-10-16 | CVE-2020-16921 | An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory, aka 'Windows Text Services Framework Information Disclosure Vulnerability'. |
| 7.8 | 2020-10-16 | CVE-2020-16920 | An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations, aka 'Windows Application Compatibility Client Library Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16876. |
| 5.5 | 2020-10-16 | CVE-2020-16919 | An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations, aka 'Windows Enterprise App Management Service Information Disclosure Vulnerability'. |
| 8.8 | 2020-10-16 | CVE-2020-16915 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. |
| 5.5 | 2020-10-16 | CVE-2020-16914 | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'. |
| 7.8 | 2020-10-16 | CVE-2020-16913 | An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16907. |
| 7.8 | 2020-10-16 | CVE-2020-16912 | An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-16936, CVE-2020-16972, CVE-2020-16973, CVE-2020-16974, CVE-2020-16975, CVE-2020-16976. |
| 8.8 | 2020-10-16 | CVE-2020-16911 | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. |
| 5.5 | 2020-10-16 | CVE-2020-16910 | A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location.To exploit this vulnerability, an attacker could run a specially crafted application to bypass Unified Extensible Firmware Interface (UEFI) variable security in Windows.The security update addresses the vulnerability by correcting security feature behavior to enforce permissions., aka 'Windows Security Feature Bypass Vulnerability'. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 61% (390) | CWE-269 | Improper Privilege Management |
| 14% (93) | CWE-200 | Information Exposure |
| 14% (93) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 4% (28) | CWE-20 | Improper Input Validation |
| 0% (4) | CWE-59 | Improper Link Resolution Before File Access ('Link Following') |
| 0% (3) | CWE-787 | Out-of-bounds Write |
| 0% (3) | CWE-347 | Improper Verification of Cryptographic Signature |
| 0% (3) | CWE-125 | Out-of-bounds Read |
| 0% (2) | CWE-732 | Incorrect Permission Assignment for Critical Resource |
| 0% (2) | CWE-665 | Improper Initialization |
| 0% (2) | CWE-416 | Use After Free |
| 0% (2) | CWE-362 | Race Condition |
| 0% (1) | CWE-755 | Improper Handling of Exceptional Conditions |
| 0% (1) | CWE-754 | Improper Check for Unusual or Exceptional Conditions |
| 0% (1) | CWE-522 | Insufficiently Protected Credentials |
| 0% (1) | CWE-434 | Unrestricted Upload of File with Dangerous Type |
| 0% (1) | CWE-401 | Failure to Release Memory Before Removing Last Reference ('Memory L... |
| 0% (1) | CWE-400 | Uncontrolled Resource Consumption ('Resource Exhaustion') |
| 0% (1) | CWE-346 | Origin Validation Error |
| 0% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
| 0% (1) | CWE-295 | Certificate Issues |
| 0% (1) | CWE-287 | Improper Authentication |
| 0% (1) | CWE-281 | Improper Preservation of Permissions |
| 0% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 0% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2020-10-22 | Microsoft Windows NetrServerReqChallenge RPC transport sign and seal disablin... RuleID : 55802 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-20 | Microsoft Windows Netlogon crafted NetrServerAuthenticate elevation of privil... RuleID : 55704 - Type : OS-WINDOWS - Revision : 2 |
| 2020-10-20 | Microsoft Windows Netlogon crafted NetrServerReqChallenge elevation of privil... RuleID : 55703 - Type : OS-WINDOWS - Revision : 2 |
| 2020-10-13 | Active Directory LDAP addRequest crafted dnsRecord information leak attempt RuleID : 55206 - Type : SERVER-OTHER - Revision : 1 |
| 2020-10-08 | Microsoft Windows kernel driver escalation of privilege attempt RuleID : 55188 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-08 | Microsoft Windows kernel driver escalation of privilege attempt RuleID : 55187 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-06 | Microsoft Windows kernel DirectComposition use after free attempt RuleID : 55162 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-06 | Microsoft Windows kernel DirectComposition use after free attempt RuleID : 55161 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-06 | Microsoft Windows DirectX kernel driver local privilege escalation attempt RuleID : 55146 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-06 | Microsoft Windows DirectX kernel driver local privilege escalation attempt RuleID : 55145 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-06 | Microsoft Windows win32k kernel driver use after free attempt RuleID : 55144 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-06 | Microsoft Windows win32k kernel driver use after free attempt RuleID : 55143 - Type : OS-WINDOWS - Revision : 1 |
| 2020-10-06 | Microsoft Windows CLFS Driver elevation of privilege attempt RuleID : 55142 - Type : FILE-OTHER - Revision : 1 |
| 2020-10-06 | Microsoft Windows CLFS Driver elevation of privilege attempt RuleID : 55141 - Type : FILE-OTHER - Revision : 1 |
| 2020-10-06 | Microsoft Windows Active Directory information disclosure attempt RuleID : 55140 - Type : SERVER-OTHER - Revision : 1 |
| 2020-10-06 | Microsoft Windows Active Directory information disclosure attempt RuleID : 55139 - Type : SERVER-OTHER - Revision : 1 |
| 2020-09-19 | Windows print spooler elevation of privilege attempt RuleID : 54820 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-19 | Windows print spooler elevation of privilege attempt RuleID : 54819 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-19 | Windows Print Spooler elevation of privilege attempt RuleID : 54818 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-19 | Windows Print Spooler elevation of privilege attempt RuleID : 54817 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows TCPIP kernel driver use-after-free attempt RuleID : 54766 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows TCPIP kernel driver use-after-free attempt RuleID : 54765 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows kernel information disclosure attempt RuleID : 54754 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows kernel information disclosure attempt RuleID : 54753 - Type : OS-WINDOWS - Revision : 1 |
| 2020-09-15 | Microsoft Windows GDI elevation of privilege attempt RuleID : 54746 - Type : OS-WINDOWS - Revision : 1 |
