Description
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, gain privileges, obtain sensitive information, spoof user interface, read local files.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Windows Distributed Transaction Coordinator can be exploited remotely to execute arbitrary code.
- A security feature bypass vulnerability in Secure Boot can be exploited remotely to bypass security restrictions.
- A denial of service vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely to cause denial of service.
- A denial of service vulnerability in Windows iSCSI Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Filtering Platform can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Image Acquisition can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Workstation Service can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Network Driver Interface Specification (NDIS) can be exploited remotely to cause denial of service.
- A denial of service vulnerability in Windows Layer-2 Bridge Network Driver can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Layer-2 Bridge Network Driver can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Cryptographic Services can be exploited remotely to bypass security restrictions.
- A denial of service vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Microsoft Windows Codecs Library can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Online Certificate Status Protocol (OCSP) Server can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in DHCP Server Service can be exploited remotely to execute arbitrary code.
- A security feature bypass vulnerability in BitLocker can be exploited remotely to bypass security restrictions.
- A denial of service vulnerability in Windows Line Printer Daemon Service can be exploited remotely to cause denial of service.
- A security feature bypass vulnerability in Windows LockDown Policy (WLDP) can be exploited remotely to bypass security restrictions.
- An information disclosure vulnerability in Windows TCP/IP can be exploited remotely to obtain sensitive information.
- A spoofing vulnerability in Windows NTLM can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Microsoft Windows Performance Data Helper Library can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Imaging Component can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
- A spoofing vulnerability in CERT/CC: CVE-2024-3596 RADIUS Protocol can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in DCOM Remote Cross-Session Activation can be exploited remotely to gain privileges.
- A spoofing vulnerability in Windows Themes can be exploited remotely to spoof user interface.
- A denial of service vulnerability in Microsoft WS-Discovery can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Github: CVE-2024-39684 TenCent RapidJSON can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft Windows Server Backup can be exploited remotely to gain privileges.
- A spoofing vulnerability in Windows MSHTML Platform can be exploited remotely to spoof user interface.
- An elevation of privilege vulnerability in PowerShell can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft Message Queuing can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Text Services Framework can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Github: CVE-2024-38517 TenCent RapidJSON can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows File Explorer can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows Enroll Engine can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Xbox Wireless Adapter can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft Xbox can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows MultiPoint Services can be exploited remotely to execute arbitrary code.
- Information disclosure vulnerability in Microsoft Windows can be exploited remotely to obtain sensitive information.
Original advisories
- CVE-2024-38072
- CVE-2024-37974
- CVE-2024-38015
- CVE-2024-35270
- CVE-2024-38085
- CVE-2024-37988
- CVE-2024-37972
- CVE-2024-30079
- CVE-2024-38034
- CVE-2024-38022
- CVE-2024-38050
- CVE-2024-21417
- CVE-2024-38517
- CVE-2024-38048
- CVE-2024-37984
- CVE-2024-38105
- CVE-2024-38100
- CVE-2024-38041
- CVE-2024-38053
- CVE-2024-38069
- CVE-2024-38059
- CVE-2024-38102
- CVE-2024-38054
- CVE-2024-30098
- CVE-2024-38071
- CVE-2024-37971
- CVE-2024-38077
- CVE-2024-38010
- CVE-2024-38056
- CVE-2024-37987
- CVE-2024-38031
- CVE-2024-37986
- CVE-2024-38078
- CVE-2024-38044
- CVE-2024-38080
- CVE-2024-38079
- CVE-2024-37973
- CVE-2024-37977
- CVE-2024-38058
- CVE-2024-38032
- CVE-2024-37969
- CVE-2024-38027
- CVE-2024-38065
- CVE-2024-38043
- CVE-2024-38047
- CVE-2024-38062
- CVE-2024-38055
- CVE-2024-38070
- CVE-2024-38064
- CVE-2024-30081
- CVE-2024-26184
- CVE-2024-37978
- CVE-2024-38028
- CVE-2024-30071
- CVE-2024-38060
- CVE-2024-38074
- CVE-2024-30013
- CVE-2024-38051
- CVE-2024-37970
- CVE-2024-38057
- CVE-2024-3596
- CVE-2024-38011
- CVE-2024-28899
- CVE-2024-38061
- CVE-2024-38076
- CVE-2024-38052
- CVE-2024-38030
- CVE-2024-38091
- CVE-2024-38104
- CVE-2024-39684
- CVE-2024-37989
- CVE-2024-38101
- CVE-2024-38025
- CVE-2024-37981
- CVE-2024-38073
- CVE-2024-38067
- CVE-2024-38013
- CVE-2024-38019
- CVE-2024-38112
- CVE-2024-38033
- CVE-2024-37975
- CVE-2024-38068
- CVE-2024-38017
- CVE-2024-38066
- CVE-2024-37985
- CVE-2024-38099
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-10
- Microsoft-Windows-Server-2016
- Microsoft-Windows-Server-2019
- Microsoft-Windows-11
- Microsoft-Windows-Server-2022
CVE list
- CVE-2024-38049 critical
- CVE-2024-37974 critical
- CVE-2024-38015 critical
- CVE-2024-35270 high
- CVE-2024-38085 critical
- CVE-2024-37988 critical
- CVE-2024-37972 critical
- CVE-2024-30079 critical
- CVE-2024-38034 critical
- CVE-2024-38022 high
- CVE-2024-38050 critical
- CVE-2024-38048 high
- CVE-2024-37984 critical
- CVE-2024-38105 high
- CVE-2024-38053 critical
- CVE-2024-38102 high
- CVE-2024-38054 critical
- CVE-2024-30098 critical
- CVE-2024-38071 critical
- CVE-2024-37971 critical
- CVE-2024-38077 critical
- CVE-2024-38010 critical
- CVE-2024-38056 high
- CVE-2024-37987 critical
- CVE-2024-38031 critical
- CVE-2024-37986 critical
- CVE-2024-38044 high
- CVE-2024-38079 critical
- CVE-2024-37973 critical
- CVE-2024-38058 high
- CVE-2024-37969 critical
- CVE-2024-38099 high
- CVE-2024-38027 high
- CVE-2024-38065 high
- CVE-2024-38055 high
- CVE-2024-38070 critical
- CVE-2024-38064 critical
- CVE-2024-30081 high
- CVE-2024-30071 warning
- CVE-2024-38028 high
- CVE-2024-38060 critical
- CVE-2024-38074 critical
- CVE-2024-38051 critical
- CVE-2024-38057 critical
- CVE-2024-37970 critical
- CVE-2024-3596 warning
- CVE-2024-38011 critical
- CVE-2024-28899 critical
- CVE-2024-38061 critical
- CVE-2024-38052 critical
- CVE-2024-38030 high
- CVE-2024-38091 critical
- CVE-2024-38104 critical
- CVE-2024-39684 warning
- CVE-2024-37989 critical
- CVE-2024-38101 high
- CVE-2024-38025 high
- CVE-2024-38073 critical
- CVE-2024-38067 critical
- CVE-2024-38013 high
- CVE-2024-38019 high
- CVE-2024-38112 critical
- CVE-2024-38033 high
- CVE-2024-37975 critical
- CVE-2024-38068 critical
- CVE-2024-38017 high
- CVE-2024-38066 critical
- CVE-2024-38072 critical
- CVE-2024-21417 critical
- CVE-2024-38517 warning
- CVE-2024-38100 critical
- CVE-2024-38041 high
- CVE-2024-38069 high
- CVE-2024-38059 critical
- CVE-2024-38078 critical
- CVE-2024-38080 critical
- CVE-2024-37977 critical
- CVE-2024-38032 high
- CVE-2024-38043 critical
- CVE-2024-38047 critical
- CVE-2024-38062 critical
- CVE-2024-26184 high
- CVE-2024-37978 critical
- CVE-2024-30013 critical
- CVE-2024-38076 critical
- CVE-2024-37981 critical
- CVE-2024-37985 high
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!