Security Advisories | Cloud Security Solutions | Zscaler
https://www.zscaler.com/
Zscaler Security Advisories identify and provide security vulnerabilities along with their criticality ratings.

Zscaler protects against 2 new vulnerabilities for Windows
https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-june-2022

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the June 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary.

CVE-2022-30147 – Windows Installer Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 Azure Edition Core Hotpatch
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

CVE-2022-30160 – Windows Kernel Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 Azure Edition Core Hotpatch
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

Wed, 15 Jun 2022 12:00:00 +0000 mapp-release@zscaler.com

Zscaler protects against 4 new vulnerabilities for Windows
https://www.zscaler.com/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-may-2022

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the May 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary.

CVE-2022-29104 – Windows Print Spooler Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

CVE-2022-29142 – Windows Kernel Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems

CVE-2022-23279 – Windows ALPC Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems

CVE-2022-23270 – Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
Severity: Critical
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

Tue, 10 May 2022 12:00:00 +0000 mapp-release@zscaler.com

Zscaler protects against 61 new vulnerabilities for Adobe Acrobat and Reader
https://www.zscaler.com/security-advisories/zscaler-protects-against-61-new-vulnerabilities-for-adobe-acrobat-and-reader-april-2022

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 61 vulnerabilities included in the April 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary.

APSB22-16 – Security updates available for Adobe Acrobat and Reader.

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical, important, and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution, memory leak, security feature bypass and privilege escalation.

Affected Software
- Acrobat DC Continuous 22.001.20085 and earlier versions for Windows
- Acrobat Reader DC Continuous 22.001.20085 and earlier versions for Windows
- Acrobat 2020 Classic 2020 20.005.30314 and earlier versions for Windows & 20.005.30311 for macOS
- Acrobat Reader 2020 Classic 20.005.30311 and earlier versions for Windows & 20.005.30311 macOS
- Acrobat 2017 Classic 2017 17.012.30205 and earlier versions for Windows & macOS
- Acrobat Reader 2017 Classic 2017 17.012.30205 and earlier versions for Windows & macOS

CVE-2022-24101 – Use After Free vulnerability leading to Memory Leak. Severity: Moderate
CVE-2022-24103 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-24104 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27785 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-24102 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27786 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27787 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27788 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27789 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27790 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27791 – Stack-based Buffer Overflow vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27792 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27793 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27794 – Access Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27795 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27796 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27797 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27798 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27799 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27800 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27801 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-27802 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28230 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28231 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28232 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28233 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28234 – Heap-based Buffer Overflow vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28235 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28236 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28237 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28238 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28239 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28240 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28241 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28242 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28243 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: Critical
CVE-2022-28244 – Violation of Secure Design Principles leading to Arbitrary code execution. Severity: Important
CVE-2022-28245 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Critical
CVE-2022-28246 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28248 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28249 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28250 – Use After Free vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28251 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28252 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28253 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28254 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28255 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28256 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28257 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28258 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28259 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28260 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28261 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28262 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28263 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28264 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28265 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28266 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28267 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28268 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important
CVE-2022-28269 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Important

Tue, 12 Apr 2022 12:00:00 +0000 mapp-release@zscaler.com

Zscaler protects against 8 new vulnerabilities for Windows Log File System Driver, Win32k, Windows DWM Core Library, Windows Common Log System Driver, User Profile Service and Windows Digital Media Receiver
https://www.zscaler.com/security-advisories/zscaler-protects-against-8-new-vulnerabilities-for-windows-april-2022

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 8 vulnerabilities included in the April 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary.

CVE-2022-24481 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
Severity: Important
Subscriptions Required
- Advanced Threat Protection
- Advanced Cloud Sandbox
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

CVE-2022-24542 – Windows Win32k Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

CVE-2022-24546 – Windows DWM Core Library Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

CVE-2022-26914 – Win32k Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

CVE-2022-24521 – Windows Common Log File System Driver Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems

CVE-2022-26904 – Windows User Profile Service Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems

CVE-2022-24547 – Windows Digital Media Receiver Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

CVE-2022-24474 – Windows Win32k Elevation of Privilege Vulnerability
Severity: Important
Affected Software
- Windows Server 2012 R2 (Server Core installation)
- Windows Server 2012 R2
- Windows Server 2012 (Server Core installation)
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for x64-based Systems Service Pack 2
- Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
- Windows Server 2008 for 32-bit Systems Service Pack 2
- Windows RT 8.1
- Windows 8.1 for x64-based systems
- Windows 8.1 for 32-bit systems
- Windows 7 for x64-based Systems Service Pack 1
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2016 (Server Core installation)
- Windows Server 2016
- Windows 10 Version 1607 for x64-based Systems
- Windows 10 Version 1607 for 32-bit Systems
- Windows 10 for x64-based Systems
- Windows 10 for 32-bit Systems
- Windows 10 Version 21H2 for x64-based Systems
- Windows 10 Version 21H2 for ARM64-based Systems
- Windows 10 Version 21H2 for 32-bit Systems
- Windows 11 for ARM64-based Systems
- Windows 11 for x64-based Systems
- Windows Server, version 20H2 (Server Core Installation)
- Windows 10 Version 20H2 for ARM64-based Systems
- Windows 10 Version 20H2 for 32-bit Systems
- Windows 10 Version 20H2 for x64-based Systems
- Windows Server 2022 (Server Core installation)
- Windows Server 2022
- Windows 10 Version 21H1 for 32-bit Systems
- Windows 10 Version 21H1 for ARM64-based Systems
- Windows 10 Version 21H1 for x64-based Systems
- Windows 10 Version 1909 for ARM64-based Systems
- Windows 10 Version 1909 for x64-based Systems
- Windows 10 Version 1909 for 32-bit Systems
- Windows Server 2019 (Server Core installation)
- Windows Server 2019
- Windows 10 Version 1809 for ARM64-based Systems
- Windows 10 Version 1809 for x64-based Systems
- Windows 10 Version 1809 for 32-bit Systems

Tue, 12 Apr 2022 12:00:00 +0000 mapp-release@zscaler.com

Zscaler protects against 5 new vulnerabilities for Windows Ancillary Function Driver, Remote Desktop Client, Windows PDEV and Windows Cloud Files Mini Filter driver.
https://www.zscaler.com/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-march-2022 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the March 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections, as necessary. CVE-2022-24507 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems CVE-2022-23299 – Windows PDEV Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 
Version 20H2 for x64-based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems CVE-2022-23285 – Remote Desktop Client Remote Code Execution Vulnerability Severity: Important Affected Software Windows RT 8.1 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 
1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems CVE-2022-24502 – Windows HTML Platforms Security Feature Bypass Vulnerability Severity: Important Affected Software Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 
10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2022 Azure Edition Core Hotpatch CVE-2022-23286 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems 
Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Wed, 09 Mar 2022 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-march-2022 Zscaler protects against 5 new vulnerabilities for Windows, Windows Common Log File System Driver and Windows DWM Core Library https://www.zscaler.com/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-feb-2022 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the February 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. 
CVE-2022-21989 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based 
Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-21994 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-21996 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems CVE-2022-22000 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 
for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-22715 – Named Pipe File System Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 
Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Tue, 08 Feb 2022 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-feb-2022 Zscaler protects against 25 new vulnerabilities for Adobe Acrobat and Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-25-new-adobe-vulnerabilities-jan-2022 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 25 vulnerabilities included in the January 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. APSB22-01 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical, important, and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution, memory leak, application denial of service, security feature bypass and privilege escalation. 
Affected Software Acrobat DC Continuous 21.007.20099 and earlier versions for Windows Acrobat Reader DC Continuous 21.007.20099 and earlier versions for Windows Acrobat DC Continuous 21.007.20099 and earlier versions for macOS Acrobat Reader DC Continuous 21.007.20099 and earlier versions for macOS Acrobat 2020 Classic 2020 20.004.30017 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.004.30017 and earlier versions for Windows & macOS Acrobat 2017 Classic 2017 17.011.30204 and earlier versions for Windows & macOS Acrobat Reader 2017 Classic 2017 17.011.30204 and earlier versions for Windows & macOS CVE-2021-44701 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2021-44702 – Improper Access Control vulnerability leading to Privilege escalation Severity: Critical CVE-2021-44703 – Stack-based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2021-44704 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2021-44705 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2021-44706 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2021-44707 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2021-44708 – Heap-based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2021-44709 – Heap-based Buffer Overflow vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2021-44710 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2021-44712 – Improper Input Validation vulnerability leading to Application denial-of-service. Severity: Important CVE-2021-44713 – Use After Free vulnerability leading to Application denial-of-service. 
Severity: Important CVE-2021-44714 – Violation of Secure Design Principles vulnerability leading to Security feature bypass. Severity: Moderate CVE-2021-44715 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Moderate CVE-2021-44739 – Improper Input Validation vulnerability leading to Security feature bypass Severity: Moderate CVE-2021-44740 – NULL Pointer Dereference vulnerability leading to Application denial-of-service. Severity: Moderate CVE-2021-44741 – NULL Pointer Dereference vulnerability leading to Application denial-of-service. Severity: Moderate CVE-2021-44742 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Moderate CVE-2021-45060 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2021-45061 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2021-45062 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2021-45063 – Use After Free vulnerability leading to Privilege escalation Severity: Moderate CVE-2021-45064 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2021-45067 – Access of Memory Location After End of Buffer vulnerability leading to Memory Leak. 
Severity: Important CVE-2021-45068 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical Wed, 12 Jan 2022 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-25-new-adobe-vulnerabilities-jan-2022 Zscaler protects against 6 new vulnerabilities for Windows, Windows Common Log File System Driver and Windows Installer https://www.zscaler.com/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-windows-jan-2022 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the January 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. CVE-2022-21881 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows Server 2016 (Server Core installation) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for 
ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems CVE-2022-21882 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems CVE-2022-21887 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems CVE-2022-21897 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows RT 8.1 Windows 8.1 for x64-based systems Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows 
Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2012 R2 (Server Core installation) Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) CVE-2022-21908 – Windows Installer Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 10 for x64-based Systems Windows 10 
for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-21916 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 
Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Wed, 12 Jan 2022 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-windows-jan-2022 Zscaler protects against 3 new vulnerabilities for Windows Print Spooler Components, Windows Common Log File System Driver and Windows Installer https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-microsoft-windows-december-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the December 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary. 
CVE-2021-41333 – Windows Print Spooler Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems 
Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-43226 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 
Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-43883 – Windows Installer Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 
Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Tue, 14 Dec 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-microsoft-windows-december-2021 Zscaler protects against 3 new vulnerabilities for Microsoft Windows, Office, and Malware Protection Engine https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-microsoft-windows-november-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the November 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary. CVE-2021-42292 – Microsoft Excel Security Feature Bypass Vulnerability. 
Severity: Important Affected Software Microsoft Office 2013 Service Pack 1 (64-bit editions) Microsoft Office 2013 Service Pack 1 (32-bit editions) Microsoft Office 2013 RT Service Pack 1 Microsoft Excel 2013 Service Pack 1 (64-bit editions) Microsoft Excel 2013 Service Pack 1 (32-bit editions) Microsoft Excel 2013 RT Service Pack 1 Microsoft Office 2016 (64-bit edition) Microsoft Office 2016 (32-bit edition) Microsoft Excel 2016 (64-bit edition) Microsoft Excel 2016 (32-bit edition) Microsoft Office LTSC 2021 for 32-bit editions Microsoft Office LTSC 2021 for 64-bit editions Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Office 2019 for Mac Microsoft Office 2019 for 64-bit editions Microsoft Office 2019 for 32-bit editions CVE-2021-42298 – Microsoft Defender Remote Code Execution Vulnerability. Severity: Critical Affected Software Microsoft Malware Protection Engine CVE-2021-38666 – Remote Desktop Client Remote Code Execution Vulnerability. 
Severity: Critical Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Remote Desktop client for Windows Desktop Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 
Version 1809 for 32-bit Systems Tue, 09 Nov 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-microsoft-windows-november-2021 Zscaler protects against 3 new vulnerabilities for Adobe Acrobat and Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-adobe-vulnerabilities-october-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 3 vulnerabilities included in the October 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary. APSB21-104 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Software Acrobat DC Continuous 2021.007.20095 and earlier versions for Windows Acrobat Reader DC Continuous 2021.007.20095 and earlier versions for Windows Acrobat DC Continuous 2021.007.20096 and earlier versions for macOS Acrobat Reader DC Continuous 2021.007.20096 and earlier versions for macOS Acrobat 2020 Classic 2020 2020.004.30015 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 2020 2020.004.30015 and earlier versions for Windows & macOS Acrobat 2017 Classic 2017 17.011.30202 and earlier versions for Windows & macOS Acrobat Reader 2017 Classic 2017 17.011.30202 and earlier versions for Windows & macOS CVE-2021-40729 – Out-of-bounds Read vulnerability leading to Privilege escalation. Severity: Moderate CVE-2021-40730 – Use After Free vulnerability leading to Privilege escalation. Severity: Moderate CVE-2021-40731 – Out-of-bounds Write leading to Arbitrary code execution. 
Severity: Critical Tue, 12 Oct 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-adobe-vulnerabilities-october-2021 Zscaler protects against 6 new vulnerabilities for Microsoft Windows https://www.zscaler.com/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-microsoft-windows-october-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the October 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary. CVE-2021-41357 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems CVE-2021-40487 – Microsoft SharePoint Server Remote Code Execution Vulnerability. Severity: Important Affected Software Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 CVE-2021-40450 – Win32k Elevation of Privilege Vulnerability.
Severity: Important Affected Software Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-40467 – Windows Common Log File System Driver Elevation of Privilege Vulnerability.
Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-40470 – DirectX Graphics Kernel
Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-40449 – Win32k Elevation of Privilege Vulnerability.
Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Tue, 12 Oct 2021 12:00:00 +0000
mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-microsoft-windows-october-2021 Zscaler protects against 4 new vulnerabilities for Adobe Acrobat and Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-adobe-september-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 4 vulnerabilities included in the September 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. APSB21-55 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical, important, and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Software Acrobat DC Continuous 2021.005.20060 and earlier versions for Windows Acrobat Reader DC Continuous 2021.005.20060 and earlier versions for Windows Acrobat DC Continuous 2021.005.20058 and earlier versions for macOS Acrobat Reader DC Continuous 2021.005.20058 and earlier versions for macOS Acrobat 2020 Classic 2020 2020.004.30006 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 2020 2020.004.30006 and earlier versions for Windows & macOS Acrobat 2017 Classic 2017 2017.011.30199 and earlier versions for Windows & macOS Acrobat Reader 2017 Classic 2017 2017.011.30199 and earlier versions for Windows & macOS CVE-2021-39836 – Use After Free leading to Arbitrary code execution. Severity: Critical CVE-2021-39842 – Use After Free leading to Arbitrary code execution. Severity: Critical CVE-2021-39843 – Out-of-bounds Write leading to Memory leak. 
Severity: Critical CVE-2021-39845 – Stack-based Buffer Overflow leading to Arbitrary code execution. Severity: Critical Tue, 14 Sep 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-adobe-september-2021 Zscaler protects against 3 new vulnerabilities for Windows Common Log File System Driver and Windows MSHTML Platform. https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-september-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the September 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. CVE-2021-38633 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows Server 2022 Windows Server 2022 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems 
Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) CVE-2021-40444 – Microsoft MSHTML Remote Code Execution Vulnerability Severity: Important Affected Software Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems
Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-36955 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows
Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Tue, 14 Sep 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-september-2021 Zscaler protects against 2 new vulnerabilities for Microsoft Windows https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-microsoft-windows-august-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 
vulnerabilities included in the August 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. CVE-2021-34480 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-34535 – Remote Desktop Client Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit
Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Remote Desktop client for Windows Desktop Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Tue, 10 Aug 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-microsoft-windows-august-2021 Zscaler protects against 2 new vulnerabilities for Adobe Acrobat and Reader. https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-adobe-july-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 2 vulnerabilities included in the July 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary. APSB21-51 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Affected Software Acrobat DC Continuous 2021.005.20054 and earlier versions for Windows and macOS Acrobat Reader DC Continuous 2021.005.20054 and earlier versions for Windows and macOS Acrobat 2020 Classic 2020 2020.004.30005 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 2020 2020.004.30005 and earlier versions for Windows & macOS Acrobat 2017 Classic 2017 2017.011.30197 and earlier versions for Windows & macOS Acrobat Reader 2017 Classic 2017 2017.011.30197 and earlier versions for Windows & macOS CVE-2021-28635 – Use After Free leading to Arbitrary code execution. Severity: Critical CVE-2021-28640 – Use After Free leading to Arbitrary code execution. Severity: Critical Tue, 13 Jul 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-adobe-july-2021 Zscaler protects against 5 new vulnerabilities for Microsoft Scripting Engine, Windows Kernel, Windows Win32K & Windows Print Spooler Components. https://www.zscaler.com/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-microsoft-windows-july-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the July 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary. 
CVE-2021-31979 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) CVE-2021-33771 – Windows Kernel Elevation of Privilege Vulnerability 
Severity: Important Affected Software Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) CVE-2021-34448 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 
10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2012 Windows Server 2012 R2 CVE-2021-34449 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) CVE-2021-34527 – Windows Print Spooler Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 
x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Tue, 13 Jul 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-microsoft-windows-july-2021 Zscaler protects against 6 new vulnerabilities for Microsoft Windows. https://www.zscaler.com/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-microsoft-windows-june-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the June 2021 Microsoft security bulletins. 
Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary. CVE-2021-31955 – Windows Kernel Information Disclosure Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-31201 – Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 
Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-31199 – Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows 
Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-31952 – Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 
32-bit Systems CVE-2021-31954 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2021-31959 – Scripting Engine 
Memory Corruption Vulnerability Severity: Critical Affected Software Windows RT 8.1 Windows 7 for 32-bit Systems Service Pack 1 Windows 10 for x64-based Systems Windows 7 for x64-based Systems Service Pack 1 Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows Server 2012 Windows Server 2012 R2 Windows Server 2016 Windows 10 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 20H2 for 32-bit Systems Windows 8.1 for x64-based systems Windows Server 2019 Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Tue, 08 Jun 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-microsoft-windows-june-2021 Zscaler protects against 1 new vulnerability for Adobe Acrobat and Reader. https://www.zscaler.com/security-advisories/zscaler-protects-against-1-new-adobe-vulnerability-june-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 1 vulnerability included in the June 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary. APSB21-37 – Security updates available for Adobe Acrobat and Reader. 
Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Software Acrobat DC Continuous 2021.001.20155 and earlier versions for Windows Acrobat Reader DC Continuous 2021.001.20155 and earlier versions for Windows Acrobat DC Continuous 2021.001.20155 and earlier versions for macOS Acrobat Reader DC Continuous 2021.001.20155 and earlier versions for macOS Acrobat 2020 Classic 2020 2020.001.30025 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 2020 2020.001.30025 and earlier versions for Windows & macOS Acrobat 2017 Classic 2017 2017.011.30196 and earlier versions for Windows & macOS Acrobat Reader 2017 Classic 2017 2017.011.30196 and earlier versions for Windows & macOS CVE-2021-28554 – Out-of-bounds read leading to Arbitrary code execution. Severity: Critical Tue, 08 Jun 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-1-new-adobe-vulnerability-june-2021 Zscaler protects against 3 new vulnerabilities for Internet Explorer and Microsoft Windows. https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-internet-explorer-microsoft-may-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the May 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary. 
CVE-2021-26419 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows Server 2016 Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 11 on Windows 10 Version 20H2 for x64-based Systems Internet Explorer 11 on Windows 10 Version 20H2 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 20H2 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based 
Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 CVE-2021-31170 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) CVE-2021-31188 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) 
Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Wed, 12 May 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-internet-explorer-microsoft-may-2021 Zscaler protects against 3 new vulnerabilities for Windows https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-april-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the April 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary. 
CVE-2021-28310 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems CVE-2021-28319 – Windows TCP/IP Driver Denial of Service Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems CVE-2021-28442 – Windows TCP/IP Information 
Disclosure Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Wed, 14 Apr 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-april-2021 Zscaler protects against 7 new vulnerabilities for Windows DirectX, Internet Explorer, Microsoft Exchange Server, Microsoft Graphics Component and Windows DNS Server. https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-microsoft-windows-march-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 7 vulnerabilities included in the March 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections, as necessary. Zscaler published an advisory last week regarding the coverage for exploits related to Microsoft Exchange Servers. Zscaler has also published a blog on how to Disrupt the Microsoft Exchange Attacks with Zero Trust Architecture.
CVE-2021-24095 – DirectX Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) CVE-2021-26411 – Internet Explorer Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 
for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 11 on Windows 10 Version 20H2 for x64-based Systems Internet Explorer 11 on Windows 10 Version 20H2 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 20H2 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows Server 2016 Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows Server 2019 Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems. 
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 20H2 for x64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 20H2 for 32-bit Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 20H2 for ARM64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems. Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems. 
Microsoft Edge (EdgeHTML-based) on Windows Server 2016 CVE-2021-26855 – Microsoft Exchange Server Remote Code Execution Vulnerability Severity: Critical Affected Software Microsoft Exchange Server 2016 Cumulative Update 19 Microsoft Exchange Server 2019 Cumulative Update 8 Microsoft Exchange Server 2013 Cumulative Update 23 Microsoft Exchange Server 2019 Cumulative Update 7 Microsoft Exchange Server 2016 Cumulative Update 18 CVE-2021-26863 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) CVE-2021-26868 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based 
Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) CVE-2021-26877 – Windows DNS Server Remote Code Execution Vulnerability Severity: Important Affected Software Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 
32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) CVE-2021-26897 – Windows DNS Server Remote Code Execution Vulnerability Severity: Critical Affected Software Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Wed, 10 Mar 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-microsoft-windows-march-2021 Zscaler protects against 4 new vulnerabilities for Microsoft Windows and Microsoft Office SharePoint https://www.zscaler.com/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-microsoft-windows-february-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the February 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. 
CVE-2021-1698 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) CVE-2021-1732 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems 
Windows Server, version 20H2 (Server Core Installation) CVE-2021-24072 – Microsoft SharePoint Server Remote Code Execution Vulnerability Severity: Important Affected Software Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft SharePoint Foundation 2013 Service Pack 1 CVE-2021-24078 – Windows DNS Server Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 20H2 (Server Core Installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Wed, 10 Feb 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-microsoft-windows-february-2021 Zscaler protects against 13 new vulnerabilities for Adobe Acrobat and Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-13-new-adobe-vulnerabilities-february-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 13 vulnerabilities included in the February 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. 
APSB21-09 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Software Acrobat DC Continuous 2020.013.20074 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 2020.013.20074 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 2020.001.30018 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 2020 2020.001.30018 and earlier versions for Windows & macOS Acrobat 2017 Classic 2017 2017.011.30188 and earlier versions for Windows & macOS Acrobat Reader 2017 Classic 2017 2017.011.30188 and earlier versions for Windows & macOS CVE-2021-21017 – Heap-based Buffer Overflow leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21021 – Use After Free leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21028 – Use After Free leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21035 – Use After Free leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21039 – Use After Free leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21040 – Use After Free leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21041 – Use After Free leading to Arbitrary code execution. 
Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21042 – Out-of-bounds Read leading to Privilege escalation. Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21057 – NULL Pointer Dereference leading to Information Disclosure. Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21058 – Buffer overflow leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21059 – Buffer overflow leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21062 – Buffer overflow leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox CVE-2021-21063 – Buffer overflow leading to Arbitrary code execution. Severity: Critical Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Tue, 09 Feb 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-13-new-adobe-vulnerabilities-february-2021 Zscaler protects against 3 new vulnerabilities for Microsoft Defender, Microsoft SharePoint, and Microsoft Windows. https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-microsoft-windows-january-2021 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the January 2021 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. 
CVE-2021-1647 – Microsoft Defender Remote Code Execution Vulnerability Severity: Critical Affected Software Microsoft System Center Endpoint Protection Microsoft System Center 2012 R2 Endpoint Protection Microsoft Security Essentials Microsoft System Center 2012 Endpoint Protection Windows Defender on Windows 10 Version 1803 for 32-bit Systems Windows Defender on Windows 10 Version 1803 for x64-based Systems Windows Defender on Windows 10 Version 1803 for ARM64-based Systems Windows Defender on Windows 10 Version 1809 for 32-bit Systems Windows Defender on Windows 10 Version 1809 for x64-based Systems Windows Defender on Windows 10 Version 1809 for ARM64-based Systems Windows Defender on Windows Server 2019 Windows Defender on Windows Server 2019 (Server Core installation) Windows Defender on Windows 10 Version 1909 for 32-bit Systems Windows Defender on Windows 10 Version 1909 for x64-based Systems Windows Defender on Windows 10 Version 1909 for ARM64-based Systems Windows Defender on Windows Server, version 1909 (Server Core installation) Windows Defender on Windows 10 Version 1903 for 32-bit Systems Windows Defender on Windows 10 Version 1903 for x64-based Systems Windows Defender on Windows 10 Version 1903 for ARM64-based Systems Windows Defender on Windows Server, version 1903 (Server Core installation) Windows Defender on Windows 10 Version 2004 for 32-bit Systems Windows Defender on Windows 10 Version 2004 for ARM64-based Systems Windows Defender on Windows 10 Version 2004 for x64-based Systems Windows Defender on Windows Server, version 2004 (Server Core installation) Windows Defender on Windows 10 Version 20H2 for x64-based Systems Windows Defender on Windows 10 Version 20H2 for 32-bit Systems Windows Defender on Windows 10 Version 20H2 for ARM64-based Systems Windows Defender on Windows Server, version 20H2 (Server Core Installation) Windows Defender on Windows 10 for 32-bit Systems Windows Defender on Windows 10 for x64-based Systems Windows Defender on 
Windows 10 Version 1607 for 32-bit Systems Windows Defender on Windows 10 Version 1607 for x64-based Systems Windows Defender on Windows Server 2016 Windows Defender on Windows Server 2016 (Server Core installation) Windows Defender on Windows 7 for 32-bit Systems Service Pack 1 Windows Defender on Windows 7 for x64-based Systems Service Pack 1 Windows Defender on Windows 8.1 for 32-bit systems Windows Defender on Windows 8.1 for x64-based systems Windows Defender on Windows RT 8.1 Windows Defender on Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Defender on Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Defender on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Defender on Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Defender on Windows Server 2012 Windows Defender on Windows Server 2012 (Server Core installation) Windows Defender on Windows Server 2012 R2 Windows Defender on Windows Server 2012 R2 (Server Core installation) CVE-2021-1707 – Microsoft SharePoint Server Remote Code Execution Vulnerability Severity: Important Affected Software Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Server 2019 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Foundation 2013 Service Pack 1 CVE-2021-1709 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core 
installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Tue, 12 Jan 2021 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-microsoft-windows-january-2021 Zscaler protects against 2 new vulnerabilities for Microsoft Windows. 
https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-microsoft-windows-december-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the December 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary. CVE-2020-17144 – Microsoft Exchange Remote Code Execution Vulnerability Severity: Important Affected Software Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 31 A remote code execution vulnerability exists in Microsoft Exchange server. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. CVE-2020-17096 – Windows NTFS Remote Code Execution Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 
Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems An elevation of privilege vulnerability exists in Windows NTFS system. A local attacker could run a specially crafted application that would elevate the attacker's privileges. A remote attacker with SMBv2 access to a vulnerable system could send specially crafted requests over a network to exploit this vulnerability and execute code on the target system. Tue, 08 Dec 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-microsoft-windows-december-2020 Zscaler protects against 9 new vulnerabilities for Microsoft Windows. https://www.zscaler.com/security-advisories/zscaler-protects-against-9-new-vulnerabilities-microsoft-windows-november-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 9 vulnerabilities included in the November 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary. CVE-2020-17061 – Microsoft SharePoint Remote Code Execution Vulnerability Severity: Important Affected Software Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 A remote code execution vulnerability exists in Microsoft SharePoint Service. 
An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. CVE-2020-17057 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server, version 1903 (Server Core installation) Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems An elevation of privilege vulnerability exists in Windows. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
CVE-2020-17051 – Windows Network File System Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server, version 1903 (Server Core installation) Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems A remote code 
execution vulnerability exists in Windows Network File System. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. CVE-2020-17053 – Internet Explorer Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 20H2 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 20H2 for x64-based Systems Internet Explorer 11 on Windows 10 Version 20H2 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems A memory corruption vulnerability exists in the way Internet Explorer handles objects in memory. 
CVE-2020-17010 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems An elevation of privilege vulnerability exists in Windows. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
CVE-2020-17038 – Win32k Elevation of Privilege Vulnerability Severity: Critical Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems An elevation of privilege vulnerability exists in Windows. 
An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. CVE-2020-16998 – DirectX Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
CVE-2020-17087 – Windows Kernel Local Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems 
Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems An elevation of privilege vulnerability exists in Windows. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. CVE-2020-17047 – Windows Network File System Denial of Service Vulnerability Severity: Important Affected Software Windows Server, version 20H2 (Server Core Installation) Windows Server, version 2004 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server 2019 (Server Core installation) Windows Server 2019 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems 
Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems A denial of service vulnerability exists when the Windows NFS server. An attacker who successfully exploited this vulnerability could cause the affected system to stop responding. Tue, 10 Nov 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-9-new-vulnerabilities-microsoft-windows-november-2020 Zscaler protects against 4 new vulnerabilities for Microsoft Windows https://www.zscaler.com/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-microsoft-windows-october-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the October 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary. 
CVE-2020-16898 – Windows TCP/IP Remote Code Execution Vulnerability Severity: Critical Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could gain the ability to execute code on the target server or client. To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. 
CVE-2020-16899 – Windows TCP/IP Denial of Service Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets. An attacker who successfully exploited this vulnerability could cause a target system to stop responding. To exploit this vulnerability, an attacker would have to send specially crafted ICMPv6 Router Advertisement packets to a remote Windows computer. The vulnerability would not allow an attacker to execute code or to elevate user rights directly. 
CVE-2020-16907 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. 
CVE-2020-16913 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. 
Tue, 13 Oct 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-microsoft-windows-october-2020 Zscaler protects against 3 new vulnerabilities for Microsoft Windows https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-microsoft-windows-september-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the September 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. CVE-2020-0856 – Active Directory Information Disclosure Vulnerability Severity: Important Affected Software Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 2004 (Server Core installation) An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. 
To exploit this condition, an authenticated attacker would need to send a specially crafted request to the AD|DNS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system. CVE-2020-1152 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 2004 (Server Core installation) An elevation of privilege 
vulnerability exists when Windows improperly handles calls to Win32k.sys. An attacker who successfully exploited the vulnerability could gain elevated privileges on a targeted system. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application. CVE-2020-0664 – Active Directory Information Disclosure Vulnerability Severity: Important Affected Software Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 2004 (Server Core installation) An information disclosure vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited this vulnerability would be able to read sensitive information about the target system. To exploit this condition, an authenticated attacker would need to send a specially crafted request to the AD|DNS service. Note that the information disclosure vulnerability by itself would not be sufficient for an attacker to compromise a system. However, an attacker could combine this vulnerability with additional vulnerabilities to further exploit the system. 
Thu, 10 Sep 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-microsoft-windows-september-2020

Zscaler protects against 7 new vulnerabilities for Adobe Acrobat and Reader. https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-august-2020

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 7 vulnerabilities included in the August 2020 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary.

APSB20-48 – Security updates available for Adobe Acrobat and Reader.

Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user.

Affected Software
Acrobat DC Continuous 2020.009.20074 and earlier versions for Windows & macOS
Acrobat Reader DC Continuous 2020.009.20074 and earlier versions for Windows & macOS
Acrobat 2020 Classic 2020 2020.001.30002 for Windows & macOS
Acrobat Reader 2020 Classic 2020 2020.001.30002 for Windows & macOS
Acrobat 2017 Classic 2017 2017.011.30171 and earlier versions for Windows & macOS
Acrobat Reader 2017 Classic 2017 2017.011.30171 and earlier versions for Windows & macOS
Acrobat 2015 Classic 2015 2015.006.30523 and earlier versions for Windows & macOS
Acrobat Reader 2015 Classic 2015 2015.006.30523 and earlier versions for Windows & macOS

CVE-2020-9698 – Buffer error leading to Arbitrary Code Execution. Severity: Critical
CVE-2020-9699 – Buffer error leading to Arbitrary Code Execution. Severity: Critical
CVE-2020-9701 – Buffer error leading to Arbitrary Code Execution. Severity: Critical
CVE-2020-9702 – Stack exhaustion leading to Application denial-of-service. Severity: Important
CVE-2020-9703 – Stack exhaustion leading to Application denial-of-service. Severity: Important
CVE-2020-9704 – Buffer error leading to Arbitrary Code Execution. Severity: Critical
CVE-2020-9697 – Memory leak vulnerability leading to Disclosure of Sensitive Data. Severity: Important

Tue, 11 Aug 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-august-2020

Zscaler protects against 8 new vulnerabilities for Microsoft Windows, Microsoft Scripting Engine and Internet Explorer https://www.zscaler.com/security-advisories/zscaler-protects-against-8-new-vulnerabilities-microsoft-windows-internet-explorer-august-2020

Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 8 vulnerabilities included in the August 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary.

CVE-2020-1380 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet 
Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-1480 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how GDI handles objects in memory and by preventing instances of unintended user-mode privilege elevation. 
CVE-2020-1529 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 
Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) An elevation of privilege vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how GDI handles objects in memory and by preventing instances of unintended user-mode privilege elevation. CVE-2020-1566 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core 
installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application to take control of an affected system. The update addresses the vulnerability by correcting how the Windows kernel handles objects in memory. CVE-2020-1567 – MSHTML Engine Remote Code Execution Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet 
Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In an HTML editing attack scenario, an attacker could trick a user into editing a specially crafted file that is designed to exploit the vulnerability. The security update addresses the vulnerability by modifying how the MSHTML engine validates input. 
CVE-2020-1570 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet 
Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-1578 – Windows Kernel Information Disclosure Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass. An attacker who successfully exploited the vulnerability could retrieve the memory address of a kernel object. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows kernel handles memory addresses. 
CVE-2020-1584 – Windows dnsrslvr.dll Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) An elevation of privilege vulnerability exists in the way that the dnsrslvr.dll handles objects in memory. 
An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the dnsrslvr.dll properly handles objects in memory. CVE-2020-1587 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems 
Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Ancillary Function Driver for WinSock improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system. An attacker could then run a specially crafted application to elevate privileges. The security update addresses the vulnerability by correcting how the Windows Ancillary Function Driver for WinSock handles memory. Tue, 11 Aug 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-8-new-vulnerabilities-microsoft-windows-internet-explorer-august-2020 Zscaler protects against 6 new vulnerabilities for Microsoft Windows, Microsoft Edge (EdgeHTML-based), Microsoft ChakraCore & Internet Explorer. https://www.zscaler.com/security-advisories/zscaler-protects-against-6-new-vulnerabilities-microsoft-windows-internet-explorer-july-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the July 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections as necessary. 
CVE-2020-1350 – Windows DNS Server Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 2004 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the Local System Account. Windows servers that are configured as DNS servers are at risk from this vulnerability. To exploit the vulnerability, an unauthenticated attacker could send malicious requests to a Windows DNS server. 
CVE-2020-1381 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. 
CVE-2020-1382 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. 
CVE-2020-1399 – Windows Runtime Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in an elevated context. An attacker could exploit this vulnerability by running a specially crafted application on the victim system. 
CVE-2020-1403 – VBScript Remote Code Execution Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet 
Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. 
CVE-2020-1410 – Windows Address Book Remote Code Execution Vulnerability Severity: Critical Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1903 (Server Core 
installation) Windows Server, version 1909 (Server Core installation) Windows Server, version 2004 (Server Core installation) A remote code execution vulnerability exists when Windows Address Book (WAB) improperly processes vCard files. To exploit the vulnerability, an attacker could send a malicious vCard that a victim opens using Windows Address Book (WAB). After successfully exploiting the vulnerability, an attacker could gain execution on a victim system. Wed, 15 Jul 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-6-new-vulnerabilities-microsoft-windows-internet-explorer-july-2020 Zscaler protects against 14 new vulnerabilities for Microsoft Windows, Microsoft Edge (EdgeHTML-based), Microsoft ChakraCore & Internet Explorer https://www.zscaler.com/security-advisories/zscaler-protects-against-14-new-vulnerabilities-microsoft-windows-internet-explorer-june-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 14 vulnerabilities included in the June 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections as necessary. 
CVE-2020-1206 – Windows SMBv3 Client/Server Information Disclosure Vulnerability Severity: Important Affected Software Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for 32-bit Systems Windows Server, version 2004 (Server Core installation) An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit the vulnerability against a server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 server. To exploit the vulnerability against a client, an unauthenticated attacker would need to configure a malicious SMBv3 server and convince a user to connect to it. The security update addresses the vulnerability by correcting how the SMBv3 protocol handles these specially crafted requests. 
CVE-2020-1207 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 
(Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for 32-bit Systems An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. CVE-2020-1213 – VBScript Remote Code Execution Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 
11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. CVE-2020-1214 – VBScript Remote Code Execution Vulnerability Severity: Important Affected Software Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 
on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. 
An attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. CVE-2020-1215 – VBScript Remote Code Execution Vulnerability Severity: Important Affected Software Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 
Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. 
These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. CVE-2020-1216 – VBScript Remote Code Execution Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 
11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-1219 – Microsoft Browser Memory Corruption Vulnerability Severity: Critical Affected Software ChakraCore Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 
Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows Server 2019 Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1909 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows Server 2016 A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. The vulnerability could corrupt memory in a way that could allow an attacker to execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. 
If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers, and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action, typically via an enticement in email or instant message, or by getting them to open an email attachment. The security update addresses the vulnerability by modifying how Microsoft browsers handle objects in memory. 
CVE-2020-1230 – VBScript Remote Code Execution Vulnerability Severity: Important Affected Software Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems 
Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows 10 Version 2004 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 2004 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 2004 for x64-based Systems A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-1247 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 
(Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows 10 Version 2004 for ARM64-based Systems An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. CVE-2020-1251 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows 
Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. 
CVE-2020-1253 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 
Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for x64-based Systems An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. CVE-2020-1260 – VBScript Remote Code Execution Vulnerability Severity: Critical Affected Software Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on 
Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. 
An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. CVE-2020-1284 – Windows SMB Denial of Service Vulnerability Severity: Important Affected Software Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 Version 2004 for ARM64-based Systems Windows 10 Version 2004 for 32-bit Systems A denial of service vulnerability exists in the Microsoft Server Message Block (SMB) when an attacker sends specially crafted requests to the server. An attacker who exploited this vulnerability could cause the affected system to crash. To attempt to exploit this issue, an attacker would need to send specially crafted SMB requests to the target system. Note that the denial of service vulnerability would not allow an attacker to execute code or to elevate their user rights, but it could cause the affected system to stop accepting requests. The security update addresses the vulnerability by correcting the manner in which SMB handles specially crafted client requests. 
CVE-2020-1301 – Windows SMB Remote Code Execution Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 
(Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 2004 for x64-based Systems Windows Server, version 2004 (Server Core installation) Windows 10 Version 2004 for 32-bit Systems Windows 10 Version 2004 for ARM64-based Systems A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 1.0 (SMBv1) server handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server. To exploit the vulnerability, in most situations, an authenticated attacker could send a specially crafted packet to a targeted SMBv1 server. The security update addresses the vulnerability by correcting how SMBv1 handles these specially crafted requests. Tue, 09 Jun 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-14-new-vulnerabilities-microsoft-windows-internet-explorer-june-2020 Zscaler protects against 17 new vulnerabilities for Adobe Acrobat and Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-17-new-vulnerabilities-may-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 17 vulnerabilities included in the May 2020 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections as necessary. APSB20-24 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. 
Affected Software Acrobat DC (Continuous) 2020.006.20042 and earlier versions for Windows & macOS Acrobat Reader DC (Continuous) 2020.006.20042 and earlier versions for Windows & macOS Acrobat 2017 (Classic 2017) 2017.011.30166 and earlier versions for Windows & macOS Acrobat Reader 2017 (Classic 2017) 2017.011.30166 and earlier versions for Windows & macOS Acrobat 2015 (Classic 2015) 2015.006.30518 and earlier versions for Windows & macOS Acrobat Reader 2015 (Classic 2015) 2015.006.30518 and earlier versions for Windows & macOS CVE-2020-9593 – Invalid Memory Access Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-9594 – Out-of-Bounds Write Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-9595 – Invalid Memory Access Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-9598 – Invalid Memory Access Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-9599 – Out-of-bounds read Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-9600 – Out-of-bounds read Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-9602 – Out-of-bounds read Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-9603 – Out-of-bounds read Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-9604 – Buffer Error Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-9605 – Buffer Error Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-9606 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-9607 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-9608 – Out-of-bounds read Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-9609 – Out-of-bounds read Vulnerability leading to Information Disclosure. 
Severity: Important CVE-2020-9610 – Null Pointer Vulnerability leading to Application Denial-of-Service. Severity: Important CVE-2020-9611 – Stack Exhaustion Vulnerability leading to Application Denial of Service. Severity: Important CVE-2020-9612 – Heap Overflow Vulnerability leading to Arbitrary Code Execution. Severity: Important Wed, 13 May 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-17-new-vulnerabilities-may-2020 Zscaler protects against 7 new vulnerabilities for Microsoft Windows & Internet Explorer https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-microsoft-windows-internet-explorer-may-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 7 vulnerabilities included in the May 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections as necessary. 
CVE-2020-1035 – VBScript Remote Code Execution Vulnerability Severity: Important Affected Software Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems 
Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-1054 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 
(Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. CVE-2020-1058 – VBScript Remote Code Execution Vulnerability Severity: Important Affected Software Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems 
Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. 
The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. CVE-2020-1060 – VBScript Remote Code Execution Vulnerability Severity: Important Affected Software Windows 7 Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet 
Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-1062 – Internet Explorer Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based 
Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory. 
CVE-2020-1135 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. 
CVE-2020-1143 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 
(Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. Wed, 13 May 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-microsoft-windows-internet-explorer-may-2020 Zscaler protects against 7 new vulnerabilities for Microsoft Windows & Internet Explorer. https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-microsoft-windows-internet-explorer-april-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 7 vulnerabilities included in the April 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections as necessary. 
CVE-2020-0784 – DirectX Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. 
CVE-2020-0888 – DirectX Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. 
CVE-2020-0938 – OpenType Font Parsing Remote Code Execution Vulnerability Severity: Critical Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows 
Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as by either convincing a user to open a specially crafted document, or by convincing a user to visit a webpage that contains specially crafted embedded OpenType fonts. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles OpenType fonts. CVE-2020-0957 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. 
An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how the Windows kernel-mode driver handles objects in memory. CVE-2020-0968 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for 
x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked “safe for initialization” in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. 
The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. CVE-2020-1020 – Adobe Font Manager Library Remote Code Execution Vulnerability Severity: Critical Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially crafted multi-master font - Adobe Type 1 PostScript format. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. There are multiple ways an attacker could exploit the vulnerability, such as convincing a user to open a specially crafted document or viewing it in the Windows Preview pane. The update addresses the vulnerability by correcting how the Windows Adobe Type Manager Library handles Type1 fonts. 
CVE-2020-1027 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 
2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the Windows Kernel properly handles objects in memory. Wed, 15 Apr 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-microsoft-windows-internet-explorer-april-2020 Zscaler protects against 5 new vulnerabilities for Adobe Acrobat and Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-adobe-acrobat-and-reader-march-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 5 vulnerabilities included in the March 2020 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections as necessary. APSB20-13 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. 
Affected Software Acrobat DC (Continuous) 2020.006.20034 and earlier versions for Windows & macOS Acrobat Reader DC (Continuous) 2020.006.20034 and earlier versions for Windows & macOS Acrobat 2017 (Classic 2017) 2017.011.30158 and earlier versions for Windows & macOS Acrobat Reader 2017 (Classic 2017) 2017.011.30158 and earlier versions for Windows & macOS Acrobat 2015 (Classic 2015) 2015.006.30510 and earlier versions for Windows & macOS Acrobat Reader 2015 (Classic 2015) 2015.006.30510 and earlier versions for Windows & macOS CVE-2020-3804 – Out-of-bounds read Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-3805 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3797 – Memory Corruption Vulnerability leading to Arbitrary Code Execution. [Updated – March 25, 2020] Severity: Critical CVE-2020-3800 – Memory address leak Vulnerability leading to Information Disclosure. [Updated – March 25, 2020] Severity: Important CVE-2020-3799 – Stack-based buffer Overflow Vulnerability leading to Arbitrary Code Execution. [Updated – March 25, 2020] Severity: Critical Wed, 18 Mar 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-adobe-acrobat-and-reader-march-2020 Zscaler protects against 8 new vulnerabilities for Microsoft Windows & Internet Explorer. https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-microsoft-windows-internet-explorer-march-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 8 vulnerabilities included in the March 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections as necessary. 
CVE-2020-0833 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists in 
the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-0824 – Internet Explorer Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 A remote code execution vulnerability exists when 
Internet Explorer improperly accesses objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, the attacker could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker could host a specially crafted website designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. The attacker could also take advantage of compromised websites, or websites that accept or host user-provided content or advertisements, by adding specially crafted content that could exploit the vulnerability. However, in all cases an attacker would have no way to force a user to view the attacker-controlled content. Instead, an attacker would have to convince a user to take action, typically by an enticement in an email or instant message, or by getting the user to open an attachment sent through email. The security update addresses the vulnerability by modifying how Internet Explorer handles objects in memory. 
CVE-2020-0832 – Security Engine Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 9 on Windows Server 2008 for 
32-bit Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-0887 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, 
version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. CVE-2020-0690 – DirectX Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation) An 
elevation of privilege vulnerability exists when DirectX improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by correcting how DirectX handles objects in memory. CVE-2020-0877 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 
Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. 
CVE-2020-0847 – VBScript Remote Code Execution Vulnerability Severity: Critical Affected Software Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 9 on Windows Server 2008 for 32-bit 
Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2020-0796 – Remote Code Execution Vulnerability [Updated – March 11, 2020] Severity: Critical Affected Software Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation) A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target SMB Server or SMB Client. To exploit the vulnerability against an SMB Server, an unauthenticated attacker could send a specially crafted packet to a targeted SMBv3 Server. To exploit the vulnerability against an SMB Client, an unauthenticated attacker would need to configure a malicious SMBv3 Server and convince a user to connect to it. Tue, 10 Mar 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-microsoft-windows-internet-explorer-march-2020 Zscaler protects against 11 new vulnerabilities for Adobe Acrobat and Reader. https://www.zscaler.com/security-advisories/zscaler-protects-against-11-new-vulnerabilities-adobe-acrobat-and-reader-february-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 11 vulnerabilities included in the February 2020 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections as necessary. APSB20-05 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. 
These updates address critical, important and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Software Acrobat DC (Continuous) 2019.021.20061 and earlier versions for Windows & macOS Acrobat Reader DC (Continuous) 2019.021.20061 and earlier versions for Windows & macOS Acrobat 2017 (Classic 2017) 2017.011.30156 and earlier versions for Windows & macOS Acrobat Reader 2017 (Classic 2017) 2017.011.30156 and earlier versions for Windows & macOS Acrobat 2015 (Classic 2015) 2015.006.30508 and earlier versions for Windows & macOS Acrobat Reader 2015 (Classic 2015) 2015.006.30508 and earlier versions for Windows & macOS CVE-2020-3741 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3743 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3744 – Out-of-Bounds Read leading to Information Disclosure. Severity: Important CVE-2020-3745 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3746 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3747 – Out of Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2020-3748 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3750 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3751 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3752 – Buffer Error leading to Arbitrary Code Execution. Severity: Critical CVE-2020-3755 – Out-of-Bounds Read leading to Information Disclosure. 
Severity: Important Tue, 11 Feb 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-11-new-vulnerabilities-adobe-acrobat-and-reader-february-2020 Zscaler protects against 9 new vulnerabilities for Microsoft Windows & Internet Explorer. https://www.zscaler.com/security-advisories/zscaler-protects-against-9-new-vulnerabilities-microsoft-windows-internet-explorer-february-2020 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 9 vulnerabilities included in the February 2020 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections as necessary. CVE-2020-0674 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 10 on Windows Server 2012 Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 
ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows RT 8.1 Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. 
The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. CVE-2020-0681 – Remote Desktop Client Remote Code Execution Vulnerability Severity: Critical Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for 
x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server; they would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests. 
CVE-2020-0715 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for 
x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. CVE-2020-0720 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service 
Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. 
CVE-2020-0722 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server Version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server Version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 
10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. CVE-2020-0723 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit 
Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. 
CVE-2020-0726 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 
10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. CVE-2020-0731 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) An 
elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. CVE-2020-0745 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 
(Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. Tue, 11 Feb 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-9-new-vulnerabilities-microsoft-windows-internet-explorer-february-2020 Zscaler protects against 3 new vulnerabilities for Microsoft Windows and Internet Explorer https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-microsoft-windows-and-internet-explorer Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the January 2020 Microsoft security bulletins. 
Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections as necessary. CVE-2020-0601 – Windows CryptoAPI Spoofing Vulnerability Severity: Critical Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation) A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. The user would have no way of knowing the file was malicious, because the digital signature would appear to be from a trusted provider. 
A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The security update addresses the vulnerability by ensuring that Windows CryptoAPI completely validates ECC certificates. CVE-2020-0634 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 
Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) Windows Server, version 1909 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how CLFS handles objects in memory. CVE-2020-0674 – Scripting Engine Memory Corruption Vulnerability [Updated – January 20, 2020] Severity: Critical Affected Software Internet Explorer 10 for Windows Server 201 Internet Explorer 11 for Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 for Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 for Windows Server 2019 Internet Explorer 11 for Windows 10 Version 1909 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1909 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1909 for ARM64-based Systems Internet Explorer 11 for Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1709 for ARM64-based Systems 
Internet Explorer 11 for Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 for Windows 10 for 32-bit Systems Internet Explorer 11 for Windows 10 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 for Windows Server 2016 Internet Explorer 11 for Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 for Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 for Windows 8.1 for 32-bit systems Internet Explorer 11 for Windows 8.1 for x64-based systems Internet Explorer 11 for Windows RT 8.1 Internet Explorer 11 for Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 for Windows Server 2012 Internet Explorer 11 for Windows Server 2012 R2 Internet Explorer 9 for Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 for Windows Server 2008 for x64-based Systems Service Pack 2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email. Tue, 14 Jan 2020 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-3-new-vulnerabilities-microsoft-windows-and-internet-explorer Zscaler protects against 1 new vulnerability for Microsoft Windows https://www.zscaler.com/security-advisories/zscaler-protects-against-1-new-vulnerabilitiy-microsoft-window Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 1 vulnerability included in the December 2019 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections as necessary. CVE-2019-1469 – Win32k Information Disclosure Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for x64-based Systems Windows Server, version 1803 (Server Core Installation) Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows Server 2016 Windows Server 2016 (Server Core installation) Windows 7 for 
32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows 10 Version 1909 for 32-bit Systems Windows 10 Version 1909 for x64-based Systems Windows Server, version 1909 (Server Core installation) Windows 10 Version 1909 for ARM64-based Systems An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how win32k handles objects in memory. 
Tue, 10 Dec 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-1-new-vulnerabilitiy-microsoft-window Zscaler protects against 12 new vulnerabilities for Adobe Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-12-new-vulnerabilities-december-2019 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 12 vulnerabilities included in the December 2019 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections as necessary. APSB19-55 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Software Acrobat DC (Continuous) 2019.021.20056 and earlier versions for macOS Acrobat DC (Continuous) 2019.021.20056 and earlier versions for Windows Acrobat Reader DC (Continuous) 2019.021.20056 and earlier versions for macOS Acrobat Reader DC (Continuous) 2019.021.20056 and earlier versions for Windows Acrobat 2017 (Classic 2017) 2017.011.30152 and earlier versions for Windows Acrobat 2017 (Classic 2017) 2017.011.30155 and earlier versions for macOS Acrobat Reader 2017 (Classic 2017) 2017.011.30152 and earlier versions for macOS Acrobat Reader 2017 (Classic 2017) 2017.011.30152 and earlier versions for Windows Acrobat 2015 (Classic 2015) 2015.006.30505 and earlier versions for macOS Acrobat 2015 (Classic 2015) 2015.006.30505 and earlier versions for Windows Acrobat Reader 2015 (Classic 2015) 2015.006.30505 and earlier versions for macOS Acrobat Reader 2015 (Classic 2015) 2015.006.30505 and earlier versions for Windows CVE-2019-16448 – Use After Free Vulnerability leading to 
Arbitrary Code Execution. Severity: Critical CVE-2019-16457 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-16456 – Out-of-Bounds Read Vulnerability leading to Information disclosure. Severity: Important CVE-2019-16452 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-16452 – Buffer Error Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-16464 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-16450 – Out-of-Bounds Write Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-16460 – Untrusted Pointer Dereference Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-16449 – Out-of-Bounds Read Vulnerability leading to Information disclosure. Severity: Important CVE-2019-16458 – Out-of-Bounds Read Vulnerability leading to Information disclosure. Severity: Important CVE-2019-16454 – Out-of-Bounds Write Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-16445 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical Tue, 10 Dec 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-12-new-vulnerabilities-december-2019 Zscaler protects against 7 new vulnerabilities for Microsoft Windows and Internet Explorer. https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-november-2019 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 7 vulnerabilities included in the November 2019 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections as necessary. 
CVE-2019-1390 – VBScript Remote Code Execution Vulnerability Severity: Critical Affected Software Internet Explorer 10 for Windows Server 2012 Internet Explorer 11 for Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 for Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 for Windows Server 2019 Internet Explorer 11 for Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 for Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 for Windows 10 for 32-bit Systems Internet Explorer 11 for Windows 10 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 for Windows Server 2016 Internet Explorer 11 for Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 for Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 for Windows 8.1 for 32-bit systems Internet Explorer 11 for Windows 8.1 for x64-based systems Internet Explorer 11 for Windows RT 8.1 Internet Explorer 11 for Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 for Windows Server 2012 Internet Explorer 11 for Windows Server 2012 R2 Internet Explorer 9 for Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 for Windows Server 2008 for x64-based Systems Service Pack 2 A remote code execution 
vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2019-1393 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to 
properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. CVE-2019-1395 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for 
x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. 
CVE-2019-1408 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for x64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to 
properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. CVE-2019-1429 – Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Internet Explorer 10 for Windows Server 2012 Internet Explorer 11 for Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 for Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 for Windows Server 2019 Internet Explorer 11 for Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1709 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 for Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 for Windows 10 for 32-bit Systems Internet Explorer 11 for Windows 10 for x64-based Systems Internet Explorer 11 for Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 for Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 for Windows Server 2016 Internet Explorer 11 for Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 for 
Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 for Windows 8.1 for 32-bit systems Internet Explorer 11 for Windows 8.1 for x64-based systems Internet Explorer 11 for Windows RT 8.1 Internet Explorer 11 for Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 for Windows Server 2012 Internet Explorer 11 for Windows Server 2012 R2 Internet Explorer 9 for Windows Server 2008 for 32-bit Systems Service Pack 2 Internet Explorer 9 for Windows Server 2008 for x64-based Systems Service Pack 2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the scripting engine handles objects in memory. 
CVE-2019-1435 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Graphics 
Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. CVE-2019-1437 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. In a local attack scenario, an attacker could exploit this vulnerability by running a specially crafted application to take control over the affected system. The update addresses the vulnerability by correcting the way in which the Microsoft Graphics Component handles objects in memory and preventing unintended elevation from user mode. 
Wed, 13 Nov 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-7-new-vulnerabilities-november-2019 Zscaler protects against 17 new vulnerabilities for Adobe Acrobat and Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-17-new-vulnerabilities-adobe-acrobat-and-reader Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 17 vulnerabilities included in the October 2019 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections as necessary. APSB19-49 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. Affected Software Acrobat DC (Continuous) 2019.012.20040 and earlier versions for Windows & macOS Acrobat Reader DC (Continuous) 2019.012.20040 and earlier versions for Windows & macOS Acrobat 2017 (Classic 2017) 2017.011.30148 and earlier versions for Windows & macOS Acrobat Reader 2017 (Classic 2017) 2017.011.30148 and earlier versions for Windows & macOS Acrobat 2015 (Classic 2015) 2015.006.30503 and earlier versions for Windows & macOS Acrobat Reader 2015 (Classic 2015) 2015.006.30503 and earlier versions for Windows & macOS CVE-2019-8176 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8177 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8183 – Heap Overflow Vulnerability leading to Arbitrary Code Execution. 
Severity: Critical CVE-2019-8184 – Out of Bounds Read Vulnerability leading to Information Disclosure Severity: Important CVE-2019-8192 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8193 – Out of Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8198 – Out of Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8199 – Out-of-Bounds Write Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8205 – Untrusted Pointer Dereference Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8207 – Out of Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8209 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8211 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8213 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8215 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8217 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8219 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical CVE-2019-8224 – Use After Free Vulnerability leading to Arbitrary Code Execution. 
Severity: Critical Wed, 16 Oct 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-17-new-vulnerabilities-adobe-acrobat-and-reader Zscaler protects against 2 new vulnerabilities for ChakraCore, Microsoft Edge and Microsoft Windows https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-october-2019 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the October 2019 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections as necessary. CVE-2019-1335 – Chakra Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software ChakraCore Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows Server 2019 Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for 64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1903 
for ARM64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems Microsoft Edge (EdgeHTML-based) on Windows Server 2016 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. 
CVE-2019-1362 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. Wed, 09 Oct 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-2-new-vulnerabilities-october-2019 Zscaler protects against 9 new vulnerabilities for Microsoft Windows and Internet Explorer. https://www.zscaler.com/security-advisories/zscaler-protects-against-8-new-vulnerabilities-september-2019 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 9 vulnerabilities included in the September 2019 Microsoft security bulletins. 
Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections as necessary. CVE-2019-1219 – Windows Transaction Manager Information Disclosure Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 
2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An information disclosure vulnerability exists when the Windows Transaction Manager improperly handles objects in memory. An attacker who successfully exploited this vulnerability could potentially read data that was not intended to be disclosed. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application. The security update addresses the vulnerability by correcting how the Transaction Manager handles objects in memory. CVE-2019-1215 – Windows Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 
x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated privileges. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring that ws2ifsl.sys properly handles objects in memory. 
CVE-2019-1214 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 
(Server Core installation) An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run processes in an elevated context. To exploit the vulnerability, an attacker would first have to log on to the system, and then run a specially crafted application to take control over the affected system. The security update addresses the vulnerability by correcting how CLFS handles objects in memory. CVE-2019-1296 – Microsoft SharePoint Remote Code Execution Vulnerability Severity: Critical Affected Software Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019 A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation of this vulnerability requires that a user access a susceptible API on an affected version of SharePoint with specially-formatted input. The security update addresses the vulnerability by correcting how SharePoint handles deserialization of untrusted data. 
CVE-2019-0788 – Remote Desktop Client Remote Code Execution Vulnerability Severity: Critical Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server; they would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests. 
CVE-2019-1257 – Microsoft SharePoint Remote Code Execution Vulnerability Severity: Critical Affected Software Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Foundation 2010 Service Pack 2 Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server 2019 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account. Exploitation of this vulnerability requires that a user uploads a specially crafted SharePoint application package to an affected version of SharePoint. The security update addresses the vulnerability by correcting how SharePoint checks the source markup of application packages. CVE-2019-0787 – Remote Desktop Client Remote Code Execution Vulnerability Severity: Critical Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 A remote code execution vulnerability 
exists in the Windows Remote Desktop Client when a user connects to a malicious server. An attacker who successfully exploited this vulnerability could execute arbitrary code on the computer of the connecting client. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to have control of a server and then convince a user to connect to it. An attacker would have no way of forcing a user to connect to the malicious server; they would need to trick the user into connecting via social engineering, DNS poisoning or using a Man in the Middle (MITM) technique. An attacker could also compromise a legitimate server, host malicious code on it, and wait for the user to connect. The update addresses the vulnerability by correcting how the Windows Remote Desktop Client handles connection requests. CVE-2019-1256 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 for 
32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for Itanium-Based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting how Win32k handles objects in memory. 
CVE-2019-1367 – Scripting Engine Memory Corruption Vulnerability [Updated: September 23, 2019] Severity: Critical Affected Software Internet Explorer 10 on Windows Server 2012 Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems Internet Explorer 11 on Windows Server 2019 Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1709 for 64-based Systems Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems Internet Explorer 11 on Windows 10 for 32-bit Systems Internet Explorer 11 on Windows 10 for x64-based Systems Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems Internet Explorer 11 on Windows Server 2016 Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows 8.1 for 32-bit systems Internet Explorer 11 on Windows 8.1 for x64-based systems Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 Internet Explorer 11 on Windows Server 2012 Internet Explorer 11 on Windows Server 2012 R2 Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2 Internet 
Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website, for example, by sending an email. Tue, 10 Sep 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-8-new-vulnerabilities-september-2019 Zscaler protects against 1 new vulnerability for Adobe Flash Player. https://www.zscaler.com/security-advisories/zscaler-protects-against-1-new-vulnerability-september-2019 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 1 vulnerability included in the September 2019 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections as necessary. APSB19-46 – Security updates available for Adobe Flash Player. Adobe has released security updates for Adobe Flash Player for Windows, macOS, Linux and Chrome OS. These updates address critical vulnerabilities in Adobe Flash Player. Successful exploitation could lead to arbitrary code execution in the context of the current user. 
Affected Software Acrobat Flash Player Desktop Runtime 32.0.0.328 and earlier on Windows, macOS and Linux Acrobat Flash Player version 32.0.0.238 and earlier for Google Chrome on Windows, macOS, Linux, and Chrome OS Acrobat Flash Player version 32.0.0.207 and earlier for Microsoft Edge and Internet Explorer 11 on Windows 10 and 8.1 CVE-2019-8070 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Critical Tue, 10 Sep 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-1-new-vulnerability-september-2019 Zscaler protects against 38 new vulnerabilities for Adobe Reader https://www.zscaler.com/security-advisories/zscaler-protects-against-38-new-vulnerabilities-august-2019 Zscaler protects against 38 new vulnerabilities for Adobe Reader. Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 38 vulnerabilities included in the August 2019 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections as necessary. APSB19-41 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address important vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user. 
Affected Software Acrobat DC (Continuous) 2019.012.20034 and earlier versions for macOS Acrobat DC (Continuous) 2019.012.20035 and earlier versions for Windows Acrobat Reader DC (Continuous) 2019.012.20034 and earlier versions for macOS Acrobat Reader DC (Continuous) 2019.012.20035 and earlier versions for Windows Acrobat DC (Classic 2017) 2017.011.30142 and earlier versions for macOS Acrobat DC (Classic 2017) 2017.011.30143 and earlier versions for Windows Acrobat Reader DC (Classic 2017) 2017.011.30142 and earlier versions for macOS Acrobat Reader DC (Classic 2017) 2017.011.30143 and earlier versions for Windows Acrobat DC (Classic 2015) 2015.006.30497 and earlier versions for macOS Acrobat DC (Classic 2015) 2015.006.30498 and earlier versions for Windows Acrobat Reader DC (Classic 2015) 2015.006.30497 and earlier versions for macOS Acrobat Reader DC (Classic 2015) 2015.006.30498 and earlier versions for Windows CVE-2019-7965 – Out-of-Bounds Write Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8003 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8005 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8006 – Untrusted Pointer Dereference Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8007 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8010 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8012 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8013 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8014 – Heap Overflow Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8015 – Heap Overflow Vulnerability leading to Arbitrary Code Execution. 
Severity: Important CVE-2019-8016 – Out-of-Bounds Write Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8019 – Type Confusion Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8021 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8023 – Out-of-Bounds Write Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8024 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8025 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8026 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8028 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8030 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8032 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8033 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8035 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8037 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8042 – Heap Overflow Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8051 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8053 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8054 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8055 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8057 – Use After Free Vulnerability leading to Arbitrary Code Execution. 
Severity: Important CVE-2019-8058 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8059 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8061 – Use After Free Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8094 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8098 – Out-of-Bounds Write Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8102 – Out-of-Bounds Read Vulnerability leading to Arbitrary Code Execution. Severity: Important CVE-2019-8103 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important CVE-2019-8104 – Out-of-Bounds Read Vulnerability leading to Information Disclosure. Severity: Important Wed, 14 Aug 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-38-new-vulnerabilities-august-2019 Zscaler protects against 12 new vulnerabilities for Chakra Core, Microsoft Windows, Internet Explorer and Microsoft Edge. https://www.zscaler.com/security-advisories/zscaler-protects-against-microsofts-12-new-vulnerabilities-august-2019 Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 12 vulnerabilities included in the August 2019 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections as necessary. 
CVE-2019-1141 – Chakra Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems Microsoft Edge on Windows 10 Version 1809 for x64-based Systems Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge on Windows Server 2019 Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems Microsoft Edge on Windows 10 Version 1903 for x64-based Systems Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems ChakraCore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 
CVE-2019-1196 – Chakra Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software ChakraCore Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge on Windows 10 Version 1703 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems Microsoft Edge on Windows 10 Version 1803 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems Microsoft Edge on Windows 10 Version 1809 for x64-based Systems Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge on Windows Server 2019 Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems Microsoft Edge on Windows 10 Version 1709 for 64-based Systems Microsoft Edge on Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems Microsoft Edge on Windows 10 Version 1903 for x64-based Systems Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. 
The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. CVE-2019-1174 – Windows Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for ARM64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for x64-based Systems Windows 10 Version 1903 for ARM64-based Systems Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists in the way that the PsmServiceExtHost.dll handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions. To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application. The security update addresses the vulnerability by ensuring the PsmServiceExtHost.dll properly handles objects in memory. 
CVE-2019-1140 – Chakra Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Microsoft Edge on Windows 10 for 32-bit Systems Microsoft Edge on Windows 10 for x64-based Systems Microsoft Edge on Windows Server 2016 Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems Microsoft Edge on Windows 10 Version 1607 for x64-based Systems Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge on Windows 10 Version 1703 for x64-based Systems Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems Microsoft Edge on Windows 10 Version 1709 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems Microsoft Edge on Windows 10 Version 1803 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems Microsoft Edge on Windows 10 Version 1809 for x64-based Systems Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge on Windows Server 2019 Microsoft Edge on Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems Microsoft Edge on Windows 10 Version 1903 for x64-based Systems Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems ChakraCore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. CVE-2019-1195 – Chakra Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software ChakraCore Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge on Windows 10 Version 1703 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems Microsoft Edge on Windows 10 Version 1803 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems Microsoft Edge on Windows 10 Version 1809 for x64-based Systems Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge on Windows Server 2019 Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems Microsoft Edge on Windows 10 Version 1709 for 64-based Systems Microsoft Edge on Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems Microsoft Edge on Windows 10 Version 1903 for x64-based Systems Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems Microsoft Edge on Windows 10 Version 1607 for x64-based Systems Microsoft Edge on Windows Server 2016 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. 
The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. CVE-2019-1184 – Windows Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An elevation of privilege vulnerability exists when Windows Core Shell COM Server Registrar improperly handles COM calls. 
An attacker who successfully exploited this vulnerability could potentially set certain items to run at a higher level and thereby elevate permissions. To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses this vulnerability by correcting unprotected COM calls. CVE-2019-1139 – Chakra Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software Microsoft Edge on Windows 10 for 32-bit Systems Microsoft Edge on Windows 10 for x64-based Systems Microsoft Edge on Windows Server 2016 Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems Microsoft Edge on Windows 10 Version 1607 for x64-based Systems Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge on Windows 10 Version 1703 for x64-based Systems Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems Microsoft Edge on Windows 10 Version 1709 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems Microsoft Edge on Windows 10 Version 1803 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems Microsoft Edge on Windows 10 Version 1809 for x64-based Systems Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge on Windows Server 2019 Microsoft Edge on Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems Microsoft Edge on Windows 10 Version 1903 for x64-based Systems Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems ChakraCore A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. 
The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. 
CVE-2019-1197 – Chakra Scripting Engine Memory Corruption Vulnerability Severity: Critical Affected Software ChakraCore Microsoft Edge on Windows 10 Version 1703 for 32-bit Systems Microsoft Edge on Windows 10 Version 1703 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for 32-bit Systems Microsoft Edge on Windows 10 Version 1803 for x64-based Systems Microsoft Edge on Windows 10 Version 1803 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1809 for 32-bit Systems Microsoft Edge on Windows 10 Version 1809 for x64-based Systems Microsoft Edge on Windows 10 Version 1809 for ARM64-based Systems Microsoft Edge on Windows Server 2019 Microsoft Edge on Windows 10 Version 1709 for 32-bit Systems Microsoft Edge on Windows 10 Version 1709 for 64-based Systems Microsoft Edge on Windows 10 Version 1709 for ARM64-based Systems Microsoft Edge on Windows 10 Version 1903 for 32-bit Systems Microsoft Edge on Windows 10 Version 1903 for x64-based Systems Microsoft Edge on Windows 10 Version 1903 for ARM64-based Systems Microsoft Edge on Windows 10 for 32-bit Systems Microsoft Edge on Windows 10 for x64-based Systems Microsoft Edge on Windows 10 Version 1607 for 32-bit Systems Microsoft Edge on Windows 10 Version 1607 for x64-based Systems Microsoft Edge on Windows Server 2016 A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. 
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft Edge and then convince a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. The security update addresses the vulnerability by modifying how the Chakra scripting engine handles objects in memory. CVE-2019-1224 – Remote Desktop Protocol Server Information Disclosure Vulnerability [Updated: August 19, 2019] Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP server initializes memory. 
CVE-2019-1225 – Remote Desktop Protocol Server Information Disclosure Vulnerability [Updated: August 19, 2019] Severity: Important Affected Software Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) An information disclosure vulnerability exists when the Windows RDP server improperly discloses the contents of its memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the system. To exploit this vulnerability, an attacker would have to connect remotely to an affected system and run a specially crafted application. The security update addresses the vulnerability by correcting how the Windows RDP server initializes memory. 
CVE-2019-1181 – Remote Desktop Services Remote Code Execution Vulnerability [Updated: August 19, 2019] Severity: Critical Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. 
An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target system's Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. CVE-2019-1182 – Remote Desktop Services Remote Code Execution Vulnerability [Updated: August 19, 2019] Severity: Critical Affected Software Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1703 for 32-bit Systems Windows 10 Version 1703 for x64-based Systems Windows 10 Version 1709 for 32-bit Systems Windows 10 Version 1709 for 64-based Systems Windows 10 Version 1709 for ARM64-based Systems Windows 10 Version 1803 for 32-bit Systems Windows 10 Version 1803 for ARM64-based Systems Windows 10 Version 1803 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1903 for 32-bit Systems Windows 10 Version 1903 for ARM64-based Systems Windows 10 Version 1903 for x64-based Systems Windows 7 for 32-bit Systems Service Pack 1 Windows 7 for x64-based Systems Service Pack 1 Windows 8.1 for 32-bit systems Windows 8.1 for x64-based systems Windows RT 8.1 Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) 
Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server, version 1803 (Server Core Installation) Windows Server, version 1903 (Server Core installation) A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. To exploit this vulnerability, an attacker would need to send a specially crafted request to the target system's Remote Desktop Service via RDP. The update addresses the vulnerability by correcting how Remote Desktop Services handles connection requests. Tue, 13 Aug 2019 12:00:00 +0000 mapp-release@zscaler.com https://www.zscaler.com/security-advisories/zscaler-protects-against-microsofts-12-new-vulnerabilities-august-2019