Virtual Machine IDE Drive Elevation of Privilege Vulnerability

Windows Encrypting File System (EFS) Elevation of Privilege Vulnerability

Windows Installer Elevation of Privilege Vulnerability

Windows Digital Media Receiver Elevation of Privilege Vulnerability

Microsoft Message Queuing Information Disclosure Vulnerability

Windows Fax Service Remote Code Execution Vulnerability

Windows NTFS Elevation of Privilege Vulnerability

Windows NTFS Elevation of Privilege Vulnerability

Microsoft Message Queuing Information Disclosure Vulnerability

Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability

iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution

Windows Common Log File System Driver Elevation of Privilege Vulnerability

Windows Win32k Elevation of Privilege Vulnerability

Windows Event Tracing Elevation of Privilege Vulnerability

Windows ActiveX Installer Service Information Disclosure Vulnerability

Windows LUAFV Elevation of Privilege Vulnerability

Windows Kernel Local Elevation of Privilege Vulnerability

Windows Remote Access Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when ASP.NET or .NET web applications running on IIS improperly allow access to cached files. An attacker who successfully exploited this vulnerability could gain access to restricted files. To exploit this vulnerability, an attacker would need to send a specially crafted request to an affected server. The update addresses the vulnerability by changing how ASP.NET and .NET handle requests.

A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1040, CVE-2020-1041, CVE-2020-1042.