Microsoft Windows Multiple Vulnerabilities (KB4512516)

Published: 2019-08-14 03:42:59
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:

This host is missing a critical security update according to Microsoft KB4512516

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exists due to, - Windows improperly handles objects in memory. - Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system. - Windows DirectX improperly handles objects in memory. - Windows font library improperly handles specially crafted embedded fonts. - Windows improperly handles calls to Advanced Local Procedure Call (ALPC). - Windows Jet Database Engine improperly handles objects in memory. - Chakra scripting engine improperly handles objects in memory in Microsoft Edge. - Windows GDI component improperly discloses the contents of its memory. - Windows kernel fails to properly handle objects in memory. For more information about the vulnerabilities refer Reference links.

Successful exploitation will allow an attacker to run arbitrary code on the client machine, disclose sensitive information, elevate privileges and create a denial of service condition causing the target system to become unresponsive.

Affected Versions:
Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for 32-bit Systems

The vendor has released updates. Please see the references for more information.

Solution Type:
Vendor Patch

Detection Type:

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)


CVSS Score

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.