Test ID:	1.3.6.1.4.1.25623.1.0.814695
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows Multiple Vulnerabilities (KB4489882)
Summary:	This host is missing a critical security; update according to Microsoft KB4489882
Description:	Summary: This host is missing a critical security update according to Microsoft KB4489882 Vulnerability Insight: Multiple flaws exist due to: - Microsoft Edge does not properly enforce cross-domain policies. - The scripting engine improperly handles objects in memory in Microsoft Edge. - Windows Jet Database Engine improperly handles objects in memory. - Windows GDI component improperly discloses the contents of its memory. - Windows kernel improperly handles objects in memory. - The win32k component improperly provides kernel information. - Microsoft XML Core Services MSXML parser processes user input. - Windows improperly handles objects in memory. - The Windows Print Spooler does not properly handle objects in memory. - Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. - Windows kernel fails to properly handle objects in memory. - Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system. - Chakra scripting engine handles objects in memory in Microsoft Edge. - Windows SMB Server does not properly handles certain requests. - Windows Deployment Services TFTP Server does not properly handle objects in memory. - Windows AppX Deployment Server allows file creation in arbitrary locations. - Internet Explorer improperly accesses objects in memory. - Internet Explorer fails to validate the correct Security Zone of requests for specific URLs. - The ActiveX Data objects (ADO) improperly handles objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to elevate privileges, execute arbitrary code on a victim system, cause the host server to crash and bypass security restrictions. Affected Software/OS: - Microsoft Windows 10 Version 1607 x32/x64 - Microsoft Windows Server 2016 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2019-0603 Common Vulnerability Exposure (CVE) ID: CVE-2019-0609 Common Vulnerability Exposure (CVE) ID: CVE-2019-0782 Common Vulnerability Exposure (CVE) ID: CVE-2019-0783 Common Vulnerability Exposure (CVE) ID: CVE-2019-0784 Common Vulnerability Exposure (CVE) ID: CVE-2019-0614 Common Vulnerability Exposure (CVE) ID: CVE-2019-0617 Common Vulnerability Exposure (CVE) ID: CVE-2019-0797 Common Vulnerability Exposure (CVE) ID: CVE-2019-0821 Common Vulnerability Exposure (CVE) ID: CVE-2019-0680 Common Vulnerability Exposure (CVE) ID: CVE-2019-0690 Common Vulnerability Exposure (CVE) ID: CVE-2019-0695 Common Vulnerability Exposure (CVE) ID: CVE-2019-0696 Common Vulnerability Exposure (CVE) ID: CVE-2019-0702 Common Vulnerability Exposure (CVE) ID: CVE-2019-0703 Common Vulnerability Exposure (CVE) ID: CVE-2019-0704 Common Vulnerability Exposure (CVE) ID: CVE-2019-0746 Common Vulnerability Exposure (CVE) ID: CVE-2019-0754 Common Vulnerability Exposure (CVE) ID: CVE-2019-0755 http://packetstormsecurity.com/files/153407/Microsoft-Windows-CmpAddRemoveContainerToCLFSLog-Arbitrary-File-Directory-Creation.html http://packetstormsecurity.com/files/153408/Microsoft-Windows-Font-Cache-Service-Insecure-Sections.html Common Vulnerability Exposure (CVE) ID: CVE-2019-0756 Common Vulnerability Exposure (CVE) ID: CVE-2019-0759 Common Vulnerability Exposure (CVE) ID: CVE-2019-0761 Common Vulnerability Exposure (CVE) ID: CVE-2019-0763 Common Vulnerability Exposure (CVE) ID: CVE-2019-0765 Common Vulnerability Exposure (CVE) ID: CVE-2019-0766 Common Vulnerability Exposure (CVE) ID: CVE-2019-0767 Common Vulnerability Exposure (CVE) ID: CVE-2019-0769 Common Vulnerability Exposure (CVE) ID: CVE-2019-0770 Common Vulnerability Exposure (CVE) ID: CVE-2019-0771 Common Vulnerability Exposure (CVE) ID: CVE-2019-0772 Common Vulnerability Exposure (CVE) ID: CVE-2019-0773 Common Vulnerability Exposure (CVE) ID: CVE-2019-0774 Common Vulnerability Exposure (CVE) ID: CVE-2019-0775 Common Vulnerability Exposure (CVE) ID: CVE-2019-0776 Common Vulnerability Exposure (CVE) ID: CVE-2019-0779 Common Vulnerability Exposure (CVE) ID: CVE-2019-0780 Common Vulnerability Exposure (CVE) ID: CVE-2019-0665 Common Vulnerability Exposure (CVE) ID: CVE-2019-0666 Common Vulnerability Exposure (CVE) ID: CVE-2019-0667 Common Vulnerability Exposure (CVE) ID: CVE-2019-0678 Common Vulnerability Exposure (CVE) ID: CVE-2019-0601 BugTraq ID: 106883 http://www.securityfocus.com/bid/106883
Copyright	Copyright (C) 2019 Greenbone Networks GmbH

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.