Haberler
Microsoft 115 Güvenlik Zafiyetini İçin Güncelleme Yayınladı
Microsoft her ay yayınladığı “Patch Tuesday” olarak bilenen güncelleştirmeleri yayınlayarak tam 115 güvenlik zafiyetini giderdiğini açıkladı.
Mart 2020 güvenlik güncelleştirmelerinin yayımlanmasıyla birlikte Microsoft, Microsoft ürünlerinde 115 güvenlik açığıyla ilgili detaylara baktığımızda, 24’ü Kritik, 88’i Önemli ve 3’ü Orta olarak sınıflandırıldığı görüldü.
Zafiyetler ve güncelleme linkleri şöyle:
Tag | CVE ID | CVE Title | Severity |
---|---|---|---|
Azure | CVE-2020-0902 | Service Fabric Elevation of Privilege | Important |
Azure DevOps | CVE-2020-0758 | Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability | Important |
Azure DevOps | CVE-2020-0815 | Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability | Important |
Azure DevOps | CVE-2020-0700 | Azure DevOps Server Cross-site Scripting Vulnerability | Important |
Internet Explorer | CVE-2020-0824 | Internet Explorer Memory Corruption Vulnerability | Critical |
Microsoft Browsers | CVE-2020-0768 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Dynamics | CVE-2020-0905 | Dynamics Business Central Remote Code Execution Vulnerability | Critical |
Microsoft Edge | CVE-2020-0816 | Microsoft Edge Memory Corruption Vulnerability | Critical |
Microsoft Exchange Server | CVE-2020-0903 | Microsoft Exchange Server Spoofing Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0774 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0788 | Win32k Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0791 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0690 | DirectX Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0853 | Windows Imaging Component Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0877 | Win32k Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0882 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0883 | GDI+ Remote Code Execution Vulnerability | Critical |
Microsoft Graphics Component | CVE-2020-0881 | GDI+ Remote Code Execution Vulnerability | Critical |
Microsoft Graphics Component | CVE-2020-0880 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0887 | Win32k Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0898 | Windows Graphics Component Elevation of Privilege Vulnerability | Important |
Microsoft Graphics Component | CVE-2020-0885 | Windows Graphics Component Information Disclosure Vulnerability | Important |
Microsoft Office | CVE-2020-0850 | Microsoft Word Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-0852 | Microsoft Word Remote Code Execution Vulnerability | Critical |
Microsoft Office | CVE-2020-0892 | Microsoft Word Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-0851 | Microsoft Word Remote Code Execution Vulnerability | Important |
Microsoft Office | CVE-2020-0855 | Microsoft Word Remote Code Execution Vulnerability | Important |
Microsoft Office SharePoint | CVE-2020-0795 | Microsoft SharePoint Reflective XSS Vulnerability | Important |
Microsoft Office SharePoint | CVE-2020-0891 | Microsoft SharePoint Reflective XSS Vulnerability | Important |
Microsoft Office SharePoint | CVE-2020-0893 | Microsoft Office SharePoint XSS Vulnerability | Important |
Microsoft Office SharePoint | CVE-2020-0894 | Microsoft Office SharePoint XSS Vulnerability | Important |
Microsoft Scripting Engine | CVE-2020-0830 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0829 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0813 | Scripting Engine Information Disclosure Vulnerability | Important |
Microsoft Scripting Engine | CVE-2020-0826 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0827 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0825 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0831 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0847 | VBScript Remote Code Execution Vulnerability | Moderate |
Microsoft Scripting Engine | CVE-2020-0811 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0828 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0848 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0823 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0832 | Scripting Engine Memory Corruption Vulnerability | Moderate |
Microsoft Scripting Engine | CVE-2020-0812 | Chakra Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Scripting Engine | CVE-2020-0833 | Scripting Engine Memory Corruption Vulnerability | Critical |
Microsoft Windows | CVE-2020-0897 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0896 | Windows Hard Link Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0871 | Windows Network Connections Service Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-0874 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-0876 | Win32k Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-0775 | Windows Error Reporting Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-0879 | Windows GDI Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-0793 | Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0776 | Windows Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0869 | Media Foundation Memory Corruption Vulnerability | Critical |
Microsoft Windows | CVE-2020-0861 | Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-0863 | Connected User Experiences and Telemetry Service Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-0860 | Windows ActiveX Installer Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0857 | Windows Search Indexer Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0858 | Windows Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0865 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0866 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0864 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0820 | Media Foundation Information Disclosure Vulnerability | Important |
Microsoft Windows | CVE-2020-0819 | Windows Device Setup Manager Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0804 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0779 | Windows Installer Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0802 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0803 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0778 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0809 | Media Foundation Memory Corruption Vulnerability | Critical |
Microsoft Windows | CVE-2020-0810 | Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0807 | Media Foundation Memory Corruption Vulnerability | Critical |
Microsoft Windows | CVE-2020-0808 | Provisioning Runtime Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0797 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0785 | Windows User Profile Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0786 | Windows Tile Object Service Denial of Service Vulnerability | Important |
Microsoft Windows | CVE-2020-0787 | Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0783 | Windows UPnP Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0800 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0801 | Media Foundation Memory Corruption Vulnerability | Critical |
Microsoft Windows | CVE-2020-0781 | Windows UPnP Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0780 | Windows Network List Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0777 | Windows Work Folder Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0772 | Windows Error Reporting Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0849 | Windows Hard Link Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0845 | Windows Network Connections Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0684 | LNK Remote Code Execution Vulnerability | Critical |
Microsoft Windows | CVE-2020-0769 | Windows CSC Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0771 | Windows CSC Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0841 | Windows Hard Link Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0840 | Windows Hard Link Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0806 | Windows Error Reporting Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0843 | Windows Installer Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0844 | Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability | Important |
Microsoft Windows | CVE-2020-0842 | Windows Installer Elevation of Privilege Vulnerability | Important |
Open Source Software | CVE-2020-0872 | Remote Code Execution Vulnerability in Application Inspector | Important |
Other | CVE-2020-0765 | Remote Desktop Connection Manager Information Disclosure Vulnerability | Moderate |
Visual Studio | CVE-2020-0789 | Visual Studio Extension Installer Service Denial of Service Vulnerability | Important |
Visual Studio | CVE-2020-0884 | Microsoft Visual Studio Spoofing Vulnerability | Important |
Windows Defender | CVE-2020-0763 | Windows Defender Security Center Elevation of Privilege Vulnerability | Important |
Windows Defender | CVE-2020-0762 | Windows Defender Security Center Elevation of Privilege Vulnerability | Important |
Windows Diagnostic Hub | CVE-2020-0854 | Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability | Important |
Windows IIS | CVE-2020-0645 | Microsoft IIS Server Tampering Vulnerability | Important |
Windows Installer | CVE-2020-0814 | Windows Installer Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2020-0773 | Windows ActiveX Installer Service Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2020-0770 | Windows ActiveX Installer Service Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2020-0822 | Windows Language Pack Installer Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2020-0859 | Windows Modules Installer Service Information Disclosure Vulnerability | Important |
Windows Installer | CVE-2020-0868 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2020-0798 | Windows Installer Elevation of Privilege Vulnerability | Important |
Windows Installer | CVE-2020-0867 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2020-0834 | Windows ALPC Elevation of Privilege Vulnerability | Important |
Windows Kernel | CVE-2020-0799 | Windows Kernel Elevation of Privilege Vulnerability | Important |