Multiple vulnerabilities in Microsoft Products (ESU)

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, spoof user interface, bypass security restrictions, cause denial of service.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Remote Procedure Call Runtime can be exploited remotely to execute arbitrary code.
2. An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
3. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Windows CSC Service can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Windows Remote Procedure Call Runtime can be exploited remotely to gain privileges.
7. An information disclosure vulnerability in Windows Graphics Component can be exploited remotely to obtain sensitive information.
8. A remote code execution vulnerability in Microsoft DTV-DVD Video Decoder can be exploited remotely to execute arbitrary code.
9. A remote code execution vulnerability in Windows Fax Compose Form can be exploited remotely to execute arbitrary code.
10. An elevation of privilege vulnerability in Windows LUAFV can be exploited remotely to gain privileges.
11. A security feature bypass vulnerability in NTLM can be exploited remotely to bypass security restrictions.
12. An information disclosure vulnerability in TPM Device Driver can be exploited remotely to obtain sensitive information.
13. An elevation of privilege vulnerability in Active Template Library can be exploited remotely to gain privileges.
14. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
15. A security feature bypass vulnerability in Windows Remote Desktop Protocol Core can be exploited remotely to bypass security restrictions.
16. A denial of service vulnerability in Windows CryptoAPI can be exploited remotely to cause denial of service.
17. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
18. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
19. An information disclosure vulnerability in Windows (modem.sys) can be exploited remotely to obtain sensitive information.
20. An information disclosure vulnerability in Windows NT Lan Manager Datagram Receiver Driver can be exploited remotely to obtain sensitive information.
21. A remote code execution vulnerability in GDI+ can be exploited remotely to execute arbitrary code.
22. An elevation of privilege vulnerability in Windows Runtime C++ Template Library can be exploited remotely to gain privileges.
23. An elevation of privilege vulnerability in Microsoft splwow64 can be exploited remotely to gain privileges.
24. A remote code execution vulnerability in Microsoft Windows Media Foundation can be exploited remotely to execute arbitrary code.
25. A denial of service vulnerability in Hyper-V can be exploited remotely to cause denial of service.
26. An information disclosure vulnerability in Windows DNS Query can be exploited remotely to obtain sensitive information.
27. A security feature bypass vulnerability in Windows Bluetooth can be exploited remotely to bypass security restrictions.
28. An elevation of privilege vulnerability in Microsoft SQL can be exploited remotely to gain privileges.

Original advisories

• CVE-2021-1658

• CVE-2021-1708
• CVE-2021-1704
• CVE-2021-1653
• CVE-2021-1659
• CVE-2021-1666
• CVE-2021-1673
• CVE-2021-1694
• CVE-2021-1671
• CVE-2021-1702
• CVE-2021-1667
• CVE-2021-1696
• CVE-2021-1701
• CVE-2021-1668
• CVE-2021-1657
• CVE-2021-1706
• CVE-2021-1660
• CVE-2021-1678
• CVE-2021-1656
• CVE-2021-1654
• CVE-2021-1693
• CVE-2021-1649
• CVE-2021-1652
• CVE-2021-1664
• CVE-2021-1695
• CVE-2021-1674
• CVE-2021-1679
• CVE-2021-1661
• CVE-2021-1709
• CVE-2021-1700
• CVE-2021-1699
• CVE-2021-1655
• CVE-2021-1676
• CVE-2021-1665
• CVE-2021-1688
• CVE-2021-1650
• CVE-2021-1648
• CVE-2021-1710
• CVE-2021-1692
• CVE-2021-1637
• CVE-2021-1684
• CVE-2021-1636
• CVE-2021-1683

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-SQL-Server
• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008

CVE list

• CVE-2021-1658
  high
• CVE-2021-1708
  high
• CVE-2021-1704
  high
• CVE-2021-1653
  high
• CVE-2021-1659
  high
• CVE-2021-1666
  high
• CVE-2021-1673
  high
• CVE-2021-1694
  high
• CVE-2021-1671
  high
• CVE-2021-1702
  high
• CVE-2021-1667
  high
• CVE-2021-1696
  high
• CVE-2021-1701
  high
• CVE-2021-1668
  high
• CVE-2021-1657
  high
• CVE-2021-1706
  high
• CVE-2021-1660
  high
• CVE-2021-1678
  high
• CVE-2021-1656
  high
• CVE-2021-1654
  high
• CVE-2021-1693
  high
• CVE-2021-1649
  high
• CVE-2021-1652
  high
• CVE-2021-1664
  high
• CVE-2021-1695
  high
• CVE-2021-1674
  high
• CVE-2021-1679
  high
• CVE-2021-1661
  high
• CVE-2021-1709
  high
• CVE-2021-1700
  high
• CVE-2021-1699
  high
• CVE-2021-1655
  high
• CVE-2021-1676
  high
• CVE-2021-1665
  high
• CVE-2021-1688
  high
• CVE-2021-1636
  high
• CVE-2021-1684
  warning
• CVE-2021-1692
  high
• CVE-2021-1683
  warning
• CVE-2021-1637
  high
• CVE-2021-1650
  high
• CVE-2021-1648
  high
• CVE-2021-1710
  high

KB list

• 4598275
• 4598285
• 4598278
• 4598297
• 4598288
• 4598279
• 4598287
• 4598289
• 4583465
• 5005613
• 5005627
• 5005623
• 5005633
• 5005606
• 5005607
• 5005615
• 5005618

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com