Multiple vulnerabilities in Microsoft Products (ESU)

Popis

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A denial of service vulnerability in Windows TCP/IP can be exploited remotely to cause denial of service.
2. An elevation of privilege vulnerability in Data Deduplication can be exploited remotely to gain privileges.
3. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Windows Rich Text Edit can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability can be exploited to gain privileges.
7. A security feature bypass vulnerability in Windows TCP/IP Driver can be exploited remotely to bypass security restrictions.
8. A remote code execution vulnerability in Windows GDI can be exploited remotely to execute arbitrary code.
9. An elevation of privilege vulnerability in Windows Storage Spaces Controller can be exploited remotely to gain privileges.
10. An elevation of privilege vulnerability in Windows Link-Layer Discovery Protocol (LLDP) can be exploited remotely to gain privileges.
11. An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
12. A remote code execution vulnerability in Windows Netlogon can be exploited remotely to execute arbitrary code.
13. An elevation of privilege vulnerability in Windows Application Identity (AppID) Subsystem can be exploited remotely to gain privileges.
14. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
15. A security feature bypass vulnerability in Windows Filtering Platform (WFP) can be exploited remotely to bypass security restrictions.
16. An elevation of privilege vulnerability in Windows TCP/IP can be exploited remotely to gain privileges.
17. A denial of service vulnerability in Internet Key Exchange (IKE) Protocol can be exploited remotely to cause denial of service.
18. A security feature bypass vulnerability in Secure Boot can be exploited remotely to bypass security restrictions.
19. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
20. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
21. An elevation of privilege vulnerability in Windows Projected File System can be exploited remotely to gain privileges.
22. A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
23. A remote code execution vulnerability in Windows Native WiFi Miniport Driver can be exploited remotely to execute arbitrary code.
24. An elevation of privilege vulnerability in Microsoft Cryptographic Services can be exploited remotely to gain privileges.
25. An elevation of privilege vulnerability in Windows TCP/IP Local can be exploited remotely to gain privileges.
26. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
27. An elevation of privilege vulnerability in Windows Telephony Service can be exploited remotely to gain privileges.
28. An elevation of privilege vulnerability in Windows Message Queuing (MSMQ) can be exploited remotely to gain privileges.
29. A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
30. An information disclosure vulnerability in Windows TCP/IP can be exploited remotely to obtain sensitive information.
31. An information disclosure vulnerability in Windows 11 Telnet Client can be exploited remotely to obtain sensitive information.
32. An elevation of privilege vulnerability in Windows Remote Desktop Services can be exploited remotely to gain privileges.
33. An elevation of privilege vulnerability in Windows Event Logging Service can be exploited remotely to gain privileges.
34. Buffer over-read in Windows DWM Core Library can be exploited remotely to obtain sensitive information.
35. A remote code execution vulnerability in Windows TCP/IP can be exploited remotely to execute arbitrary code.
36. An elevation of privilege vulnerability in Windows WAN ARP Driver can be exploited remotely to gain privileges.
37. A remote code execution vulnerability in Windows Volume Manager Extension Driver can be exploited remotely to execute arbitrary code.
38. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
39. An elevation of privilege vulnerability in Windows SMB Client can be exploited remotely to gain privileges.

Oficiální doporučení

• CVE-2026-40401

• CVE-2026-41095
• CVE-2026-33839
• CVE-2026-32170
• CVE-2026-40407
• CVE-2025-54518
• CVE-2026-35422
• CVE-2026-35421
• CVE-2026-35415
• CVE-2026-34341
• CVE-2026-34337
• CVE-2026-41089
• CVE-2026-34343
• CVE-2026-34342
• CVE-2026-32209
• CVE-2026-21530
• CVE-2026-34330
• CVE-2026-34334
• CVE-2026-35424
• CVE-2026-41097
• CVE-2026-34344
• CVE-2026-33841
• CVE-2026-34340
• CVE-2026-34339
• CVE-2026-32161
• CVE-2026-40377
• CVE-2026-33837
• CVE-2026-34347
• CVE-2026-35417
• CVE-2026-33835
• CVE-2026-40382
• CVE-2026-35418
• CVE-2026-33838
• CVE-2026-40413
• CVE-2026-34345
• CVE-2026-34333
• CVE-2026-40397
• CVE-2026-41088
• CVE-2026-34329
• CVE-2026-40399
• CVE-2026-40406
• CVE-2026-35423
• CVE-2026-35416
• CVE-2026-40398
• CVE-2026-33834
• CVE-2026-34336
• CVE-2026-34338
• CVE-2026-40415
• CVE-2026-40408
• CVE-2026-40380
• CVE-2026-34331
• CVE-2026-35420
• CVE-2026-40414
• CVE-2026-40403
• CVE-2026-40410
• CVE-2026-34351
• CVE-2026-42825

Související produkty

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-10

seznam CVE

• CVE-2026-21530
  high
• CVE-2026-32161
  critical
• CVE-2026-32170
  high
• CVE-2026-32209
  warning
• CVE-2026-33834
  critical
• CVE-2026-33835
  critical
• CVE-2026-33837
  critical
• CVE-2026-33838
  critical
• CVE-2026-33839
  high
• CVE-2026-33841
  critical
• CVE-2026-34329
  critical
• CVE-2026-34330
  critical
• CVE-2026-34331
  high
• CVE-2026-34333
  critical
• CVE-2026-34334
  critical
• CVE-2026-34336
  critical
• CVE-2026-34337
  critical
• CVE-2026-34338
  critical
• CVE-2026-34339
  high
• CVE-2026-34340
  high
• CVE-2026-34341
  high
• CVE-2026-34342
  high
• CVE-2026-34343
  critical
• CVE-2026-34344
  critical
• CVE-2026-34345
  high
• CVE-2026-34347
  high
• CVE-2026-34351
  critical
• CVE-2026-35415
  critical
• CVE-2026-35416
  high
• CVE-2026-35417
  critical
• CVE-2026-35418
  critical
• CVE-2026-35420
  critical
• CVE-2026-35421
  critical
• CVE-2026-35422
  high
• CVE-2026-35423
  high
• CVE-2026-35424
  critical
• CVE-2026-40377
  critical
• CVE-2026-40380
  high
• CVE-2026-40382
  critical
• CVE-2026-40397
  critical
• CVE-2026-40398
  critical
• CVE-2026-40399
  critical
• CVE-2026-40401
  high
• CVE-2026-40403
  critical
• CVE-2026-40406
  critical
• CVE-2026-40407
  critical
• CVE-2026-40408
  critical
• CVE-2026-40410
  high
• CVE-2026-40413
  high
• CVE-2026-40414
  high
• CVE-2026-40415
  critical
• CVE-2026-41088
  critical
• CVE-2026-41089
  critical
• CVE-2026-41095
  critical
• CVE-2026-41097
  high
• CVE-2026-42825
  high
• CVE-2025-54518
  unknown

seznam KB

• 5087471
• 5087470
• 5087544

Zobrazit více

Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com