Microsoft Windows Multiple Vulnerabilities (KB4507448)
Severity Level: High Severity
CVSS Base Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Summary: This host is missing a critical security
update according to Microsoft KB4507448
Detection Method: Checks if a vulnerable version is present on the target host.
Technical Details: Multiple flaws exist due to,
- Scripting engine handles objects in memory in Microsoft browsers.
- Windows RDP client improperly discloses the contents of its memory.
- Windows Graphics Device Interface (GDI) handles objects in the memory.
- An elevation of privilege exists in Windows Audio Service.
- Internet Explorer improperly accesses objects in memory.
For more information about the vulnerabilities refer Reference links.
Impact: Successful exploitation will allow an attacker
to execute arbitrary code, elevate privileges, bypass authentication, conduct
denial-of-service condition and disclose sensitive information.
Affected Versions: Microsoft Windows Server 2012 R2
Microsoft Windows 8.1 for 32-bit/x64
Recommendations: The vendor has released updates. Please see
the references for more information.