Microsoft Windows Multiple Vulnerabilities (KB4520004)

Published: 2019-10-09 04:43:33
CVE Author: NIST National Vulnerability Database

CVSS Base Vector:

This host is missing a critical security update according to Microsoft KB4520004

Detection Method:
Checks if a vulnerable version is present on the target host.

Technical Details:
Multiple flaws exists due to, - Microsoft Browsers does not properly parse HTTP content. - A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection. - Chakra scripting engine improperly handles objects in memory in Microsoft Edge. - Windows Error Reporting (WER) improperly handles and executes files. - Windows kernel improperly handles objects in memory. - Windows Jet Database Engine improperly handles objects in memory. - Scripting engine improperly handles objects in memory in Internet Explorer. For more information about the vulnerabilities refer Reference links.

Successful exploitation will allow an attacker to run arbitrary code on the client machine, bypass security restrictions, elevate privileges and read privileged data across trust boundaries, create a denial of service condition and conduct spoofing attack.

Affected Versions:
Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems

The vendor has released updates. Please see the references for more information.

Solution Type:
Vendor Patch

Detection Type:

NIST (National Institute of Standards and Technology) NVD (National Vulnerability Database)


CVSS Score
Windows : Microsoft Bulletins

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.