Advisory Microsoft February 2020 Patch Tuesday

Total Page:16

File Type:pdf, Size:1020Kb

Advisory Microsoft February 2020 Patch Tuesday Advisory Microsoft February 2020 Patch Tuesday aeCERT One of Telecommunications Regulatory Authority (TRA) Initiatives P O Box 116688, Dubai, United Arab Emirates (UAE) www.aecert.ae | www.tra.gov.ae Version: 1.0 Ref: ADV-19-011 Document Date: 16/02/2020 Document Details Disclaimer Whilst every effort has been made to ensure the accuracy of the information contained within this report, aeCERT and the TRA bear no liability or responsibility for any recommendations issued or inadvertent damages that could be caused by the recipient of this information. Accessing third-party links in this advisory will direct you to an external website. Please note that aeCERT bears no responsibility for third-party website traffic. aeCERT will have no liability to the entities for the content or use of the content available through the hyperlinks that are referenced. Contents Contents 1 Summary 2 Details 2 Recommendations 9 References 9 1 | P a g e Summary aeCERT has received the latest Microsoft security updates that aim to patch recent vulnerabilities discovered in their system. The release has impact on some Microsoft products. In order to protect windows from security risks, users should install latest update as soon as possible. Details In addition to the Internet Explorer zero-day vulnerability discovered in the middle of January, Microsoft discovered other three vulnerabilities that were disclosed to the public but not exploited yet: • CVE-2020-0683 - Windows installer elevation of privilege vulnerability. • CVE-2020-0686 - Windows installer elevation of privilege vulnerability. • CVE-2020-0706 - Microsoft browser information disclosure vulnerability. Further details about the security update can be found on Microsoft’s website here. The table below shows resolved vulnerabilities and released advisories in the February 2020 patch update. Tag CVE ID CVE Title Severity Microsoft Scripting CVE-2020-0713 Scripting Engine Memory Corruption Vulnerability Critical Engine Microsoft Scripting CVE-2020-0711 Scripting Engine Memory Corruption Vulnerability Critical Engine Microsoft Scripting CVE-2020-0710 Scripting Engine Memory Corruption Vulnerability Critical Engine Microsoft Scripting CVE-2020-0712 Scripting Engine Memory Corruption Vulnerability Critical Engine 2 | P a g e Microsoft Scripting CVE-2020-0767 Scripting Engine Memory Corruption Vulnerability Critical Engine Microsoft Windows CVE-2020-0681 Remote Desktop Client Remote Code Execution Critical Vulnerability Remote Desktop CVE-2020-0734 Remote Desktop Client Remote Code Execution Critical Client Vulnerability Windows Hyper-V CVE-2020-0662 Windows Remote Code Execution Vulnerability Critical Windows Media CVE-2020-0738 Media Foundation Memory Corruption Vulnerability Critical Windows Shell CVE-2020-0729 LNK Remote Code Execution Vulnerability Critical Adobe flash player ADV200003 February 2020 Adobe Flash Security Update Important Microsoft Edge CVE-2020-0663 Microsoft Edge Elevation of Privilege Vulnerability Important Microsoft Edge CVE-2020-0706 Microsoft Browser Information Disclosure Important Vulnerability Microsoft Exchange CVE-2020-0692 Microsoft Exchange Server Elevation of Privilege Important Server Vulnerability Microsoft Exchange CVE-2020-0688 Microsoft Exchange Memory Corruption Important Server Vulnerability Microsoft Exchange CVE-2020-0696 Microsoft Outlook Security Feature Bypass Important Server Vulnerability Microsoft Graphics CVE-2020-0744 Windows GDI Information Disclosure Vulnerability Important Component Microsoft Graphics CVE-2020-0745 Windows Graphics Component Elevation of Important Component Privilege Vulnerability Microsoft Graphics CVE-2020-0714 DirectX Information Disclosure Vulnerability Important Component 3 | P a g e Microsoft Graphics CVE-2020-0715 Windows Graphics Component Elevation of Important Component Privilege Vulnerability Microsoft Graphics CVE-2020-0746 Microsoft Graphics Components Information Important Component Disclosure Vulnerability Microsoft Graphics CVE-2020-0709 DirectX Elevation of Privilege Vulnerability Important Component Microsoft Graphics CVE-2020-0792 Windows Graphics Component Elevation of Important Component Privilege Vulnerability Microsoft Malware CVE-2020-0733 Windows Malicious Software Removal Tool Important Protection Engine Elevation of Privilege Vulnerability Microsoft Office CVE-2020-0697 Microsoft Office Tampering Vulnerability Important Microsoft Office CVE-2020-0759 Microsoft Excel Remote Code Execution Important Vulnerability Microsoft Office CVE-2020-0695 Microsoft Office Online Server Spoofing Important Vulnerability Microsoft Office CVE-2020-0694 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Office CVE-2020-0693 Microsoft Office SharePoint XSS Vulnerability Important SharePoint Microsoft Windows CVE-2020-0741 Connected Devices Platform Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0742 Connected Devices Platform Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0740 Connected Devices Platform Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0658 Windows Common Log File System Driver Important Information Disclosure Vulnerability 4 | P a g e Microsoft Windows CVE-2020-0737 Windows Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2020-0659 Windows Data Sharing Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0739 Windows Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2020-0757 Windows SSH Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2020-0732 DirectX Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2020-0753 Windows Error Reporting Elevation of Privilege Important Vulnerability Microsoft Windows CVE-2020-0755 Windows Key Isolation Service Information Important Disclosure Vulnerability Microsoft Windows CVE-2020-0754 Windows Error Reporting Elevation of Privilege Important Vulnerability Microsoft Windows CVE-2020-0657 Windows Common Log File System Driver Important Elevation of Privilege Vulnerability Microsoft Windows CVE-2020-0667 Windows Search Indexer Elevation of Privilege Important Vulnerability Microsoft Windows CVE-2020-0743 Connected Devices Platform Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0666 Windows Search Indexer Elevation of Privilege Important Vulnerability Microsoft Windows CVE-2020-0748 Windows Key Isolation Service Information Important Disclosure Vulnerability Microsoft Windows CVE-2020-0747 Windows Data Sharing Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0668 Windows Kernel Elevation of Privilege Vulnerability Important 5 | P a g e Microsoft Windows CVE-2020-0704 Windows Wireless Network Manager Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0685 Windows COM Server Elevation of Privilege Important Vulnerability Microsoft Windows CVE-2020-0676 Windows Key Isolation Service Information Important Disclosure Vulnerability Microsoft Windows CVE-2020-0678 Windows Error Reporting Manager Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0703 Windows Backup Service Elevation of Privilege Important Vulnerability Microsoft Windows CVE-2020-0680 Windows Function Discovery Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0679 Windows Function Discovery Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0677 Windows Key Isolation Service Information Important Disclosure Vulnerability Microsoft Windows CVE-2020-0682 Windows Function Discovery Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0756 Windows Key Isolation Service Information Important Disclosure Vulnerability Microsoft Windows CVE-2020-0670 Windows Kernel Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2020-0675 Windows Key Isolation Service Information Important Disclosure Vulnerability Microsoft Windows CVE-2020-0669 Windows Kernel Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2020-0727 Connected User Experiences and Telemetry Important Service Elevation of Privilege Vulnerability 6 | P a g e Microsoft Windows CVE-2020-0671 Windows Kernel Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2020-0672 Windows Kernel Elevation of Privilege Vulnerability Important Microsoft Windows CVE-2020-0698 Windows Information Disclosure Vulnerability Important Microsoft Windows CVE-2020-0701 Windows Client License Service Elevation of Important Privilege Vulnerability Microsoft Windows CVE-2020-0735 Windows Search Indexer Elevation of Privilege Important Search Component Vulnerability Secure Boot CVE-2020-0689 Microsoft Secure Boot Security Feature Bypass Important Vulnerability SQL Server CVE-2020-0618 Microsoft SQL Server Reporting Services Remote Important Code Execution Vulnerability Windows CVE-2020-0665 Active Directory Elevation of Privilege Vulnerability Important Authentication Methods Windows COM CVE-2020-0752 Windows Search Indexer Elevation of Privilege Important Vulnerability Windows COM CVE-2020-0749 Connected Devices Platform Service Elevation of Important Privilege Vulnerability Windows COM CVE-2020-0750 Connected Devices Platform Service Elevation of Important Privilege Vulnerability Windows Hyper-V CVE-2020-0751 Windows Hyper-V Denial of Service Vulnerability Important Windows Hyper-V CVE-2020-0661 Windows
Recommended publications
  • Microsoft Security Update for January 2020 Fixes 49 Security Vulnerabilities
    Microsoft Security Update for January 2020 Fixes 49 Security Vulnerabilities Overview Microsoft released the January security update on Tuesday, fixing 49 security issues ranging from simple spoofing attacks to remote code execution, discovered in products like .NET Framework, Apps, ASP.NET, Common Log File System Driver, Microsoft Dynamics, Microsoft Graphics Component, Microsoft Office, Microsoft Scripting Engine, Microsoft Windows, Microsoft Windows Search Component, Windows Hyper-V, Windows Media, Windows RDP, Windows Subsystem for Linux, and Windows Update Stack. Of the vulnerabilities fixed by Microsoft's this monthly update, a total of eight critical vulnerabilities exist in the .NET Framework, ASP.NET, Microsoft Scripting Engine, and Windows RDP. In addition, there are 41 important vulnerabilities. Critical Vulnerabilities The following are eight critical vulnerabilities covered in this update. @NSFOUS 2020 http://www.nsfocus.com Windows RDP CVE-2020-0609、CVE-2020-0610 These two remote code execution vulnerabilities in the Windows Remote Desktop Gateway (RD Gateway) could be exploited by unauthenticated attackers. If the two vulnerabilities are exploited successfully, arbitrary code may be executed on the target system, allowing the attacker to install the program, view, change or delete data, or create a new account with full user rights. To exploit this vulnerability, an attacker needs to send a specially crafted request to the RD gateway of the target system via RDP. This update addresses these issues by correcting the way the RD gateway handles connection requests. For more details about the vulnerabilities and download updates, please refer to Microsoft's official security advisories: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0609 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0610 CVE-2020-0611 This is a remote code execution vulnerability in Windows Remote Desktop clients.
    [Show full text]
  • Guidelines for Designing Embedded Systems with Windows 10 Iot Enterprise
    Guidelines for Designing Embedded Systems with Windows 10 IoT Enterprise Version 2.0 Published July 15, 2016 Guidelines for designing embedded systems 1 CONFIDENTIAL Contents Overview .................................................................................................................................................................................................... 4 Building a task-specific experience ............................................................................................................................................ 4 General Group Policy settings ....................................................................................................................................................... 4 Application control ................................................................................................................................................................................ 5 Application boot options ................................................................................................................................................................. 5 Auto-boot Universal Windows apps ...................................................................................................................................... 5 Auto-boot Classic Windows apps ........................................................................................................................................... 5 Limit application access with AppLocker ...............................................................................................................................
    [Show full text]
  • 3700Document22374461
    Copyright (c) 2018, Oracle. All rights reserved. RES QA / Test – Microsoft Patch Security Report (Doc ID 2237446.1) To Bottom Modified: 16-Apr-2018 Type: REFERENCE In this Document Purpose Scope Details Windows Security Updates Miscellaneous Information Internet Explorer 7 Known Issues Internet Explorer 8 Known Issues Internet Explorer 9 Known Issues Internet Explorer 10 Known Issues Internet Explorer 11 Known Issues Adobe Known Issues Non-Security, High Priority Updates Microsoft Security Essentials References APPLIES TO: Oracle Hospitality RES 3700 - Version 4.9.0 and later Information in this document applies to any platform. PURPOSE The Security Report contains a listing of select Microsoft patches that are directly related to the RES and E7 applications and have been tested against the RES and E7 applications to validate there are no issues or identify any updates that should NOT be installed. The list is not inclusive of ALL Microsoft patches. This report is updated monthly for patches released monthly and YTD cumulative. SCOPE This document is intended for support employees and users of the RES E7 products. DETAILS WARNING: On Workstation 2015 – POSReady 2009, the Microsoft “Optional Hardware” Update, “MosChip Semiconductor Technology Ltd – Bus Controllers and Ports – PCI Multi-IO Controller” is incompatible with the RES IDN Driver, and will cause IDN Printing to fail. Even if this update is uninstalled, IDN printing could be effected adversely. DO NOT INSTALL THIS Optional MICROSOFT UPDATE. If this was already done, reload the Ghost image for the 2015 posted on MOS, and reload all other applicable Microsoft Updates. As of August of 2016 the RES Microsoft security bulletin has been split off from the combined RES/e7 bulletin.
    [Show full text]
  • Configuration Sheets
    PRIMERGY RX600 S4 Configuration Sheets About this manual A Configuration Sheets of Hardware Use this form to record the hardware configuration and various settings of your server. B Configuration Sheets of BIOS Setup Utility Parameters Use this form to record the settings of the BIOS Setup Utility. C Configuration Sheets of Remote Management Controller's Web Interface Use this form to record the settings of the Remote Management Controller Web interface. D Design Sheet of the RAID Configuration Use this form to record the definitions of the disk groups (or the physical packs) and the logical drives in the RAID configuration (array configuration). E Design Sheet Use this form to record the software settings. F Accident Sheet Use this form to record any failures that occur in your server. 1 Product Names The following expressions and abbreviations are used to describe the product names used in this manual. Product names Expressions and abbreviations PRIMERGY RX600 S4 This server or the server Windows Server 2003 R2, Windows Microsoft® Windows Server® 2003 R2, Standard Edition Standard Edition 2003 Windows Server 2003 R2, Microsoft® Windows Server® 2003 R2, Enterprise Edition Enterprise Edition Windows Server 2003 , Microsoft® Windows Server® 2003 , Enterprise Edition Enterprise Edition Windows Server 2003, Microsoft® Windows Server® 2003, Standard Edition Standard Edition Windows Server 2003 R2, Microsoft® Windows Server® 2003 R2, Standard x64 Edition Standard x64 Edition Windows Server 2003 R2, Microsoft® Windows Server® 2003 R2 , Enterprise x64 Edition Enterprise x64 Edition Windows Server 2003, Microsoft® Windows Server® 2003, Standard x64 Edition Standard x64 Edition Windows Server 2003 , Microsoft® Windows Server® 2003 , Enterprise x64 Edition Enterprise x64 Edition Microsoft® Windows Server® 2003 Service Pack SP ■Trademarks Microsoft, Windows, MS, Windows Server are registered trademarks of the Microsoft Corporation in the USA and other countries.
    [Show full text]
  • Copyrighted Material
    Index Numerics Address Resolution Protocol (ARP), 1052–1053 admin password, SOHO network, 16-bit Windows applications, 771–776, 985, 1011–1012 900, 902 Administrative Tools window, 1081–1083, 32-bit (x86) architecture, 124, 562, 769 1175–1176 64-bit (x64) architecture, 124, 562, 770–771 administrative tools, Windows, 610 administrator account, 1169–1170 A Administrators group, 1171 ADSL (Asynchronous Digital Subscriber Absolute Software LoJack feature, 206 Line), 1120 AC (alternating current), 40 Advanced Attributes window, NTFS AC adapters, 311–312, 461, 468–469 partitions, 692 Accelerated Graphics Port (AGP), 58 Advanced Computing Environment (ACE) accelerated video cards (graphics initiative, 724 accelerator cards), 388 Advanced Confi guration and Power access points, wireless, 996, 1121 Interface (ACPI) standard, 465 access time, hard drive, 226 Advanced Graphics Port (AGP) card, access tokens, 1146–1147 391–392 Account Operators group, 1172 Advanced Graphics Port (AGP) port, 105 ACE (Advanced Computing Environment) Advanced Host Controller Interface (AHCI), initiative, 724 212–213 ACPI (Advanced Confi guration and Power Advanced Micro Devices (AMD), 141–144 Interface) standard, 465 Advanced Packaging Tool (APT), 572 Action Center, 1191–1192 Advanced Power Management (APM) Active Directory Database, 1145–1146, 1183 standard, 465 active heat sink, 150 Advanced Programmable Interrupt active matrix display, LCD (thin-fi lm Controller (APIC), 374 transistor (TFT) display), 470 Advanced RISC Computing Specifi cation active partition, 267,
    [Show full text]
  • Security Advisory MTIS20-010 - Page 1 of 19 UNDER ANALYSIS: Firewall Enterprise
    NEW THREAT OVERVIEW | PREVIOUS THREATS UPDATES | THREAT DETAILS EXECUTIVE SUMMARY March 10, 2020 | MTIS20-010 Since the last McAfee® Labs Security Advisory (February 12), the following noteworthy event has taken place: Patches are available for multiple Microsoft security vulnerabilities NEW THREAT OVERVIEW (MSPT-Mar2020) Microsoft IIS Server improperly handles Malformed Request Headers Privilege Escalation (CVE- 2020-0645) MTIS20-010-A IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft Windows .LNK file Remote Code Execution (CVE-2020-0684) MTIS20-010-B IMPORTANCE: High COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft DirectX improperly handles Objects in Memory Privilege Escalation (CVE-2020-0690) MTIS20-010-C IMPORTANCE: Medium COVERED PRODUCTS: DAT | Web Gateway UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft Visual Studio improperly handles Pipeline Job Tokens Privilege Escalation (CVE-2020- 0758) MTIS20-010-D IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft Defender Handles Certain Objects in Memory Privilege Escalation (CVE-2020-0762) MTIS20-010-E IMPORTANCE: Medium COVERED PRODUCTS: Security Advisory MTIS20-010 - Page 1 of 19 UNDER ANALYSIS: Firewall Enterprise Back to top (MSPT-Mar2020) Microsoft Defender Handles Certain Objects in Memory Privilege Escalation (CVE-2020-0763) MTIS20-010-F IMPORTANCE: Medium COVERED PRODUCTS: UNDER ANALYSIS: Firewall
    [Show full text]
  • Linux Networking 101
    The Gorilla ® Guide to… Linux Networking 101 Inside this Guide: • Discover how Linux continues its march toward world domination • Learn basic Linux administration tips • See how easy it can be to build your entire network on a Linux foundation • Find out how Cumulus Linux is your ticket to networking freedom David M. Davis ActualTech Media Helping You Navigate The Technology Jungle! In Partnership With www.actualtechmedia.com The Gorilla Guide To… Linux Networking 101 Author David M. Davis, ActualTech Media Editors Hilary Kirchner, Dream Write Creative, LLC Christina Guthrie, Guthrie Writing & Editorial, LLC Madison Emery, Cumulus Networks Layout and Design Scott D. Lowe, ActualTech Media Copyright © 2017 by ActualTech Media. All rights reserved. No portion of this book may be reproduced or used in any manner without the express written permission of the publisher except for the use of brief quotations. The information provided within this eBook is for general informational purposes only. While we try to keep the information up- to-date and correct, there are no representations or warranties, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the information, products, services, or related graphics contained in this book for any purpose. Any use of this information is at your own risk. ActualTech Media Okatie Village Ste 103-157 Bluffton, SC 29909 www.actualtechmedia.com Entering the Jungle Introduction: Six Reasons You Need to Learn Linux ....................................................... 7 1. Linux is the future ........................................................................ 9 2. Linux is on everything .................................................................. 9 3. Linux is adaptable ....................................................................... 10 4. Linux has a strong community and ecosystem ........................... 10 5.
    [Show full text]
  • 9780789756978 Onlineappendi
    APPENDIX A Answers to the “Do I Know This Already?” Quizzes and Q&A Questions “Do I Know This Already?” Quizzes Chapter 1 Chapter 3 1. B 1. B 2. D 2. D 3. B 3. C 4. A 4. B 5. D 5. C 6. C 6. A and D 7. B 7. C 8. B and D 8. A 9. B and C 9. C 10. B 10. A and D Chapter 2 Chapter 4 1. D 1. D 2. B 2. C 3. D 3. D 4. B 4. C 5. A 5. D 6. C 6. D 7. A Chapter 5 8. A 9. A 1. C 10. D 2. D 3. B 4 MCSA 70-740 Cert Guide: Installation, Storage, and Compute with Windows Server 2016 4. C Chapter 9 5. A and C 1. B 6. B 2. C 3. B Chapter 6 4. C 1. D 5. A and D 2. A 6. D 3. D 4. A Chapter 10 5. B 1. B 6. A 2. B and D 3. A Chapter 7 4. D 1. B 5. C 2. B 6. A 3. C 4. A Chapter 11 5. D 1. A and D 6. B 2. A 3. A Chapter 8 4. C 1. D 5. A 2. A 6. C 3. B 7. A 4. C 8. C 5. C 6. C Chapter 12 7. A 1. D 8. D 2. B 3. D 4. A 5. C 6. B Appendix A: Answers to the “Do I Know This Already?” Quizzes and Q&A Questions 5 Chapter 13 Chapter 17 1.
    [Show full text]
  • Xenapp Optimization for W2K8 R2
    Consulting Solutions | WHITE PAPER | Citrix XenApp Windows 2008 R2 Optimization Guide For Desktop Virtualization with XenApp 6 / 6.5 www.citrix.com Contents Overview ............................................................................................................................................................. 3 Windows 2008 R2 Configuration .................................................................................................................... 4 User Settings ..................................................................................................................................................... 19 Revision History ............................................................................................................................................... 23 Page 2 Overview When considering desktop virtualization with Citrix FlexCast technologies, one method for delivering services to end-users is through the use of hosted shared desktops using Citrix XenApp. Hosted shared desktops can deliver a locked down, streamlined and standardized environment ideally suited for task workers where personalization is not required. Delivering hosted shared virtual desktop requires proper planning and configuration to maximize the scalability of server resources while providing users with an optimized and functional desktop environment. This document outlines optimizations for XenApp 6 on Windows Server 2008 R2 to meet these goals. These configurations typically add value by enhancing the user experience and increasing
    [Show full text]
  • Optimizing Windows 10, Build 2004, for a Virtual Desktop Role
    Optimizing Windows 10, Build 2004, for a Virtual Desktop role Written by Robert M. Smith, Program Manager, Azure Global Customer Engineering Date Created: May 12, 2020 Date Updated: July 08, 2020 Date Published: tbd Contributors: Tim Muessig, Senior Premier Field Engineer; Narklis Engler, Principal Program Manager Version 1.2 Document Change History Version Changes 1.0 Adding verbiage for Windows Virtual Desktop, and Windows 10 build 2004 specifically 1.1 Additional updates for 2004 1.2 Final pass, updated group policy, services, tasks, and added info about Storage Sense for disk cleanup. Introduction This article is intended to provide suggestions for configurations for Windows 10, build 2004, for optimal performance in Virtualized Desktop environments, including Virtual Desktop Infrastructure (VDI) and Windows Virtual Desktop (WVD). All settings in this guide are suggested optimization settings only and are in no way requirements. The information in this guide is pertinent to Windows 10, version 2004, operating system (OS) build 19041. The guiding principles to optimize performance of Windows 10 in a virtual desktop environment are to minimize graphic redraws and “effects”, background activities that have no major benefit to the virtual desktop environment, and generally reduce running processes to the bare minimum. A secondary goal is to reduce disk space usage in the base image to the bare minimum. With virtual desktop implementations, the smallest possible base, or “gold” image size, can slightly reduce memory utilization on the host system, as well as a small reduction in overall network operations required to deliver the desktop environment to the consumer. No optimizations should reduce the user experience.
    [Show full text]
  • Vulnerability Summary for the Week of November 7, 2016
    Vulnerability Summary for the Week of November 7, 2016 Please Note: • The vulnerabilities are cattegorized by their level of severity which is either High, Medium or Low. • The !" indentity number is the #ublicly $nown %& given to that #articular vulnerability. Therefore you can search the status of that #articular vulnerability using that %&. • The !'S (Common !ulnerability 'coring System) score is a standard scoring system used to determine the severity of the vulnerability. High Severity Vulnerabilities The Primary Vendor --- Description Date CVSS The CVE Product Published Score Identity adobe ** flash+#layer ,dobe -lash Player versions ./.0.0..01 and 2016-11-08 10.0 CVE-2016-7857 CONFIRM (link earlier, 22...20..64/ and earlier have an is external) e5#loitable use*after*free vulnerability. 'uccessful e5#loitation could lead to arbitrary code e5ecution. adobe ** flash+#layer ,dobe -lash Player versions ./.0.0..01 and 2016-11-08 10.0 CVE-2016-7858 CONFIRM (link earlier, 22...20..64/ and earlier have an is external) e5#loitable use*after*free vulnerability. 'uccessful e5#loitation could lead to arbitrary code e5ecution. adobe ** flash+#layer ,dobe -lash Player versions ./.0.0..01 and 2016-11-08 10.0 CVE-2016-7859 CONFIRM (link earlier, 22...20..64/ and earlier have an is external) e5#loitable use*after*free vulnerability. 'uccessful e5#loitation could lead to arbitrary code e5ecution. adobe ** flash+#layer ,dobe -lash Player versions ./.0.0..01 and 2016-11-08 10.0 CVE-2016-7860 CONFIRM (link earlier, 22...20..64/ and earlier have an is external) e5#loitable type confusion vulnerability.
    [Show full text]
  • Tweakhound, Windows 7 Beta Default Services
    Sheet1 Name Startup Type Adaptive Brightness Manual AppID Service Manual Application Experience Manual Application Information Manual Application Layer Gateway Service Manual Application Management Manual Background Intelligent Transfer Service Automatic (Delayed Start) Base Filtering Engine Automatic BitLocker Drive Encryption Service Manual Block Level Backup Engine Service Manual Bluetooth Support Service Manual BranchCache Manual Certificate Propagation Manual CNG Key Isolation Manual COM+ Event System Automatic COM+ System Application Manual Computer Browser Automatic Credential Manager Service Manual Cryptographic Services Automatic DCOM Server Process Launcher Automatic Desktop Window Manager Session Manager Automatic DHCP Client Automatic Diagnostic Policy Service Automatic Diagnostic Service Host Manual Diagnostic System Host Manual Disk Defragmenter Manual Distributed Link Tracking Client Automatic Distributed Transaction Coordinator Manual DNS Client Automatic Encrypting File System (EFS) Manual Extensible Authentication Protocol Manual Fax Manual Function Discovery Provider Host Manual Function Discovery Resource Publication Automatic Group Policy Client Automatic Health Key and Certificate Management Manual HomeGroup Listener Manual HomeGroup Provider Manual Human Interface Device Access Manual IKE and AuthIP IPsec Keying Modules Automatic Interactive Services Detection Manual Internet Connection Sharing (ICS) Disabled IP Helper Automatic IPsec Policy Agent Manual KtmRm for Distributed Transaction Coordinator Manual Link-Layer
    [Show full text]