Microsoft Windows Multiple Vulnerabilities (KB4516070)

Published: 2019-09-11 05:16:27
CVE Author: NIST National Vulnerability Database (NVD)

CVSS Base Vector:

This host is missing a critical security update according to Microsoft KB4516070

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exists due to, - An error in Windows Text Service Framework (TSF) when the TSF server process does not validate the source of input or commands it receives. - Diagnostics Hub Standard Collector Service improperly impersonates certain file operations. - Windows Common Log File System (CLFS) driver improperly handles objects in memory. - DirectX improperly handles objects in memory. - Windows Transaction Manager improperly handles objects in memory. - Windows improperly handles calls to Advanced Local Procedure Call (ALPC). - An elevation of privilege exists in hdAudio. - DirectWrite improperly discloses the contents of its memory. For more information about the vulnerabilities refer Reference links.

Successful exploitation will allow an attacker to gain elevated privileges, execute code with elevated permissions, obtain information to further compromise the user's system and cause a target system to stop responding.

Affected Versions:
Windows 10 for 32-bit Systems Windows 10 for x64-based Systems

The vendor has released updates. Please see the references for more information.

Solution Type:
Vendor Patch

Detection Type:

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)


CVSS Score

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.