Description
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Kernel Streaming Service Driver can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
- A spoofing vulnerability in Windows MSHTML Platform can be exploited remotely to spoof user interface.
- A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft Windows Admin Center can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Security Zone Mapping can be exploited remotely to bypass security restrictions.
- An information disclosure vulnerability in Windows Kernel-Mode Driver can be exploited remotely to obtain sensitive information.
- A spoofing vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Networking can be exploited remotely to cause denial of service.
Original advisories
- CVE-2024-43454
- CVE-2024-38260
- CVE-2024-38247
- CVE-2024-38230
- CVE-2024-38245
- CVE-2024-38231
- CVE-2024-38014
- CVE-2024-43487
- CVE-2024-43461
- CVE-2024-38236
- CVE-2024-38240
- CVE-2024-43475
- CVE-2024-38239
- CVE-2024-38263
- CVE-2024-30073
- CVE-2024-38256
- CVE-2024-43455
- CVE-2024-38217
- CVE-2024-38249
- CVE-2024-38258
- CVE-2024-43467
- CVE-2024-38234
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
CVE list
- CVE-2024-38250 critical
- CVE-2024-43454 high
- CVE-2024-38260 critical
- CVE-2024-38247 critical
- CVE-2024-38230 high
- CVE-2024-38245 critical
- CVE-2024-38231 high
- CVE-2024-38014 critical
- CVE-2024-43487 high
- CVE-2024-43461 critical
- CVE-2024-38236 critical
- CVE-2024-38240 critical
- CVE-2024-43475 high
- CVE-2024-38239 high
- CVE-2024-38263 critical
- CVE-2024-30073 critical
- CVE-2024-38256 high
- CVE-2024-43455 critical
- CVE-2024-38217 high
- CVE-2024-38249 critical
- CVE-2024-38258 high
- CVE-2024-43467 critical
- CVE-2024-38234 high
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!