This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in Microsoft SMB Servers.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted compressed data packet. A remote, unauthenticated attacker can exploit this to execute arbitrary code within the context of the application.
Disclosure Date: June 09, 2020 (last updated June 13, 2020)
An information disclosure vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Information Disclosure Vulnerability'.
Disclosure Date: June 09, 2020 (last updated June 16, 2020)
An elevation of privilege vulnerability exists in OpenSSH for Windows when it does not properly restrict access to configuration settings. An attacker who successfully exploited this vulnerability could replace the shell with a malicious binary.
To exploit this vulnerability, an authenticated attacker would need to modify the OpenSSH for Windows configuration on a vulnerable system. The attacker would then need to convince a user to connect to the vulnerable OpenSSH for Windows server.
The update addresses the vulnerability by restricting access to OpenSSH for Windows configuration settings.