#Security Bulletin   #KB     #Description    #Operating System

CVE-2020-0787 [Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability] (Windows 7/8/10, 2008/2012/2016/2019)

CVE-2020-0796 [A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'] (Windows 1903/1909)

CVE-2019-1458 [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7/8/10/2008/2012/2016)

CVE-2019-0803 [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7/8/10/2008/2012/2016/2019)

CVE-2018-8639 [An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory] (Windows 7/8/10/2008/2012/2016)

CVE-2018-1038 [Windows Kernel Elevation of Privilege Vulnerability] (Windows 7 SP1/Windows Server 2008 R2 SP1)

CVE-2018-0743 [Windows Subsystem for Linux Elevation of Privilege Vulnerability] (Windows 10 version 1703/Windows 10 version 1709/Windows Server version 1709)

CVE-2018-8453 [An elevation of privilege vulnerability in Windows Win32k component] (>= windows 8.1)

CVE-2018-8440 [Windows ALPC Elevation of Privilege Vulnerability] (windows 7/8.1/10/2008/2012/2016)

MS17-017  [KB4013081]  [GDI Palette Objects Local Privilege Escalation]  (windows 7/8)

CVE-2017-8464  [LNK Remote Code Execution Vulnerability]  (windows 10/8.1/7/2016/2010/2008)

CVE-2017-0213  [Windows COM Elevation of Privilege Vulnerability]  (windows 10/8.1/7/2016/2010/2008)

CVE-2018-0833 [SMBv3 Null Pointer Dereference Denial of Service]  (Windows 8.1/Server 2012 R2)

CVE-2018-8120 [Win32k Elevation of Privilege Vulnerability] (Windows 7 SP1/2008 SP2,2008 R2 SP1)

MS17-010  [KB4013389]  [Windows Kernel Mode Drivers]  (windows 7/2008/2003/XP)

MS16-135  [KB3199135]  [Windows Kernel Mode Drivers]  (2016)

MS16-111  [KB3186973]  [kernel api]  (Windows 10 10586 (32/64)/8.1)

MS16-098  [KB3178466]  [Kernel Driver]  (Win 8.1)

MS16-075  [KB3164038]  [Hot Potato]  (2003/2008/7/8/2012)

MS16-034  [KB3143145]  [Kernel Driver]  (2008/7/8/10/2012)

MS16-032  [KB3143141]  [Secondary Logon Handle]  (2008/7/8/10/2012)

MS16-016  [KB3136041]  [WebDAV]  (2008/Vista/7)

MS16-014  [K3134228]  [remote code execution]  (2008/Vista/7)

MS15-097  [KB3089656]  [remote code execution]  (win8.1/2012)

MS15-076  [KB3067505]  [RPC]  (2003/2008/7/8/2012)

MS15-077  [KB3077657]  [ATM]  (XP/Vista/Win7/Win8/2000/2003/2008/2012)

MS15-061  [KB3057839]  [Kernel Driver]  (2003/2008/7/8/2012)

MS15-051  [KB3057191]  [Windows Kernel Mode Drivers]  (2003/2008/7/8/2012)

MS15-015  [KB3031432]  [Kernel Driver]  (Win7/8/8.1/2012/RT/2012 R2/2008 R2)

MS15-010  [KB3036220]  [Kernel Driver]  (2003/2008/7/8)

MS15-001  [KB3023266]  [Kernel Driver]  (2008/2012/7/8)

MS14-070  [KB2989935]  [Kernel Driver]  (2003)

MS14-068  [KB3011780]  [Domain Privilege Escalation]  (2003/2008/2012/7/8)

MS14-058  [KB3000061]  [Win32k.sys]  (2003/2008/2012/7/8)

MS14-066  [KB2992611]  [Windows Schannel Allowing remote code execution] (VistaSP2/7 SP1/8/Windows 8.1/2003 SP2/2008 SP2/2008 R2 SP1/2012/2012 R2/Windows RT/Windows RT 8.1)

MS14-040  [KB2975684]  [AFD Driver]  (2003/2008/2012/7/8)

MS14-002  [KB2914368]  [NDProxy]  (2003/XP)

MS13-053  [KB2850851]  [win32k.sys]  (XP/Vista/2003/2008/win 7)

MS13-046  [KB2840221]  [dxgkrnl.sys]  (Vista/2003/2008/2012/7)

MS13-005  [KB2778930]  [Kernel Mode Driver]  (2003/2008/2012/win7/8)

MS12-042  [KB2972621]  [Service Bus]  (2008/2012/win7)

MS12-020  [KB2671387]  [RDP]  (2003/2008/7/XP)

MS11-080  [KB2592799]  [AFD.sys]  (2003/XP)

MS11-062  [KB2566454]  [NDISTAPI]  (2003/XP)

MS11-046  [KB2503665]  [AFD.sys]  (2003/2008/7/XP)

MS11-011  [KB2393802]  [kernel Driver]  (2003/2008/7/XP/Vista)

MS10-092  [KB2305420]  [Task Scheduler]  (2008/7)

MS10-065  [KB2267960]  [FastCGI]  (IIS 5.1, 6.0, 7.0, and 7.5)

MS10-059  [KB982799]   [ACL-Churraskito]  (2008/7/Vista)

MS10-048  [KB2160329]  [win32k.sys]  (XP SP2 & SP3/2003 SP2/Vista SP1 & SP2/2008 Gold & SP2 & R2/Win7)

MS10-015  [KB977165]   [KiTrap0D]  (2003/2008/7/XP)

MS10-012  [KB971468]  [SMB Client Trans2 stack overflow]  (Windows 7/2008R2)

MS09-050  [KB975517]   [Remote Code Execution]  (2008/Vista)

MS09-020  [KB970483]   [IIS 6.0]  (IIS 5.1 and 6.0)

MS09-012  [KB959454]   [Chimichurri]  (Vista/win7/2008/Vista)

MS08-068  [KB957097]   [Remote Code Execution]  (2000/XP)

MS08-067  [KB958644]   [Remote Code Execution]  (Windows 2000/XP/Server 2003/Vista/Server 2008)

MS08-066  [KB956803]   [AFD.sys]  (Windows 2000/XP/Server 2003)

MS08-025  [KB941693]   [Win32.sys]  (XP/2003/2008/Vista)

MS06-040  [KB921883]   [Remote Code Execution]  (2003/xp/2000)

MS05-039  [KB899588]   [PnP Service]  (Win 9X/ME/NT/2000/XP/2003)

MS03-026  [KB823980]   [Buffer Overrun In RPC Interface]  (/NT/2000/XP/2003)

  来源:https://github.com/SecWiki/windows-kernel-exploits

windows提权常用系统漏洞与补丁编号速查对照表的更多相关文章

  1. 35.windows提权总结

    本文参考自冷逸大佬的博客,源地址在这里:https://lengjibo.github.io/windows%E6%8F%90%E6%9D%83%E6%80%BB%E7%BB%93/ windows提 ...

  2. Windows提权总结

    当以低权用户进去一个陌生的windows机器后,无论是提权还是后续做什么,第一步肯定要尽可能的搜集信息.知己知彼,才百战不殆. 常规信息搜集 systeminfo 查询系统信息 hostname 主机 ...

  3. Linux下提权常用小命令

    有些新手朋友在拿到一个webshell后如果看到服务器是Linux或Unix操作系统的就直接放弃提权,认为Linux或Unix下的提权很难,不是大家能做的,其实Linux下的提权并没有很多人想象的那么 ...

  4. 「白帽黑客成长记」Windows提权基本原理(下)

    上一篇文章我们介绍了信息收集方法和WMIC,今天我们将跟随作者深入学习Windows提权基本原理的内容,希望通过这两篇文章的讲解,大家能够真正掌握这个技能. 推荐阅读:「白帽黑客成长记」Windows ...

  5. [转帖]「白帽黑客成长记」Windows提权基本原理(下)

    「白帽黑客成长记」Windows提权基本原理(下) https://www.cnblogs.com/ichunqiu/p/10968674.html 提权.. 之前还在想 为什么 我的 sqlserv ...

  6. Windows提权小结

    摸鱼的时候,想想内网这部分还有什么地方适合水一下,翻翻往期,开始填坑 总结一下Windows提权的部分,以后有时间再补一下Linux提权 这仍然是一篇思路总结类的随笔,具体细节内容不展开,也展开不了. ...

  7. 2017-2018-2 20155315《网络对抗技术》免考五:Windows提权

    原理 使用metasploit使目标机成功回连之后,要进一步攻击就需要提升操作权限.对于版本较低的Windows系统,在回连的时候使用getsystem提权是可以成功的,但是对于更高的系统操作就会被拒 ...

  8. windows提权的几种姿势

    想象这种画面:你拿到了一台机器上Meterpreter会话了,然后你准备运行 getsystem 命令进行提权,但如果提权没有成功,你就准备认输了吗?只有懦夫才会认输.但是你不是,对吗?你是一个勇者! ...

  9. 「白帽黑客成长记」Windows提权基本原理(上)

    我们通常认为配置得当的Windows是安全的,事实真的是这样吗?今天让我们跟随本文作者一起深入了解Windows操作系统的黑暗角落,看看是否能得到SYSTEM权限. 作者将使用不同版本的Windows ...

随机推荐

  1. Elasticsearch java api操作(一)(Java Low Level Rest Client)

    一.说明: 一.Elasticsearch提供了两个JAVA REST Client版本: 1.java low level rest client: 低级别的rest客户端,通过http与集群交互, ...

  2. [新手教程]申请https泛域名解析

    前置准备 教程开始,我们默认相信小伙伴们对基本的域名购买及解析有了一定的认识和实践 一个正常的域名 一台公网服务器 域名解析操作 如:现在我们要设置frps的泛域名解析 设置二级域名 frp.xx.c ...

  3. python 3.6 导入c++dll所遇到的坑

    1 返回值在c++里面为const char*,python 接收实际上为int类型 原因:python默认返回值为int 解决方法: import ctypes import os CUR_PATH ...

  4. LeetCode解题Golang(1-10)

    前言 LeetCode题目个人答案(Golang版) 本篇预期记录 1-10 题, 持续更新 正文 1.两数之和(简单) https://leetcode-cn.com/problems/two-su ...

  5. JavaScript 获取当天0点以及当前时间方法

    js 取得今天0点: const start = new Date(new Date(new Date().toLocaleDateString()).getTime()); console.log( ...

  6. Spring Boot 应用使用spring session+redis启用分布式session后,如何在配置文件里设置应用的cookiename、session超时时间、redis存储的namespace

    现状 项目在使用Spring Cloud搭建微服务框架,其中分布式session采用spring session+redis 模式 需求 希望可以在配置文件(application.yml)里设置应用 ...

  7. zabbix 监控tomcat

    zabbix 监控tomcat server端rpm -ivh jdk-8u20-linux-x64.rpmvi /etc/profileJAVA_HOME=/usr/java/jdk1.8.0_20 ...

  8. 【ORA】ORA-16629解决办法

    数据库向保护模式报告不同的保护级别"警告消息. 首先查看主备库的保护模式和保护级别 select protection_mode,protection_level from v$databa ...

  9. 【EXPDP】导出全部表的时候,选择不导出某个表

    导出的时候指定某一张表不导出的话,一般都用的是数据泵的expdp来操作 具体方法是: expdp test/test dumpfile=test.dmp directory=test_dir excl ...

  10. 【Oracle】归档日志的删除操作

    [root@sha3 oracle]# rman target / Recovery Manager: Release 10.2.0.4.0 - Production on Tue Jan 20 01 ...