Microsoft Windows Multiple Vulnerabilities (KB4507448)

Published: 2019-07-10 04:46:06
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:

This host is missing a critical security update according to Microsoft KB4507448

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exist due to, - Scripting engine handles objects in memory in Microsoft browsers. - Windows RDP client improperly discloses the contents of its memory. - Windows Graphics Device Interface (GDI) handles objects in the memory. - An elevation of privilege exists in Windows Audio Service. - Internet Explorer improperly accesses objects in memory. For more information about the vulnerabilities refer Reference links.

Successful exploitation will allow an attacker to execute arbitrary code, elevate privileges, bypass authentication, conduct denial-of-service condition and disclose sensitive information.

Affected Versions:
Microsoft Windows Server 2012 R2 Microsoft Windows 8.1 for 32-bit/x64

The vendor has released updates. Please see the references for more information.

Solution Type:
Vendor Patch

Detection Type:

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)


CVSS Score

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.