Description
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Windows Remote Desktop Services can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows File Explorer can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Input Method Editor (IME) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Task Scheduler can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows IP Routing Management Snapin can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Domain Name Service can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Lightweight Directory Access Protocol (LDAP) Client can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Local Security Authority Subsystem Service (LSASS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
Original advisories
- CVE-2024-49082
- CVE-2024-49104
- CVE-2024-49090
- CVE-2024-49102
- CVE-2024-49113
- CVE-2024-49089
- CVE-2024-49112
- CVE-2024-49127
- CVE-2024-49079
- CVE-2024-49072
- CVE-2024-49122
- CVE-2024-49105
- CVE-2024-49096
- CVE-2024-49121
- CVE-2024-49080
- CVE-2024-49088
- CVE-2024-49091
- CVE-2024-49129
- CVE-2024-49124
- CVE-2024-49086
- CVE-2024-49138
- CVE-2024-49120
- CVE-2024-49126
- CVE-2024-49125
- CVE-2024-49085
- CVE-2024-49118
- CVE-2024-49084
Related products
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
CVE list
- CVE-2024-49104 high
- CVE-2024-49090 high
- CVE-2024-49113 high
- CVE-2024-49112 critical
- CVE-2024-49127 high
- CVE-2024-49089 high
- CVE-2024-49079 high
- CVE-2024-49122 high
- CVE-2024-49121 high
- CVE-2024-49129 high
- CVE-2024-49124 high
- CVE-2024-49120 high
- CVE-2024-49126 high
- CVE-2024-49125 high
- CVE-2024-49118 high
- CVE-2024-49102 high
- CVE-2024-49084 high
- CVE-2024-49128 high
- CVE-2024-49082 high
- CVE-2024-49072 high
- CVE-2024-49105 high
- CVE-2024-49080 high
- CVE-2024-49088 high
- CVE-2024-49096 high
- CVE-2024-49091 high
- CVE-2024-49086 high
- CVE-2024-49138 high
- CVE-2024-49085 high
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!