Description
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to bypass security restrictions, gain privileges, execute arbitrary code, obtain sensitive information, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- A security feature bypass vulnerability in Windows Remote Assistance can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows SMB Server can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Server Update Service (WSUS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Local Session Manager (LSM) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Remote Procedure Call can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows NDIS can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Telephony Service can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Client-Side Caching (CSC) Service can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows SMB Server can be exploited remotely to cause denial of service.
- A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Windows Deployment Services can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Motorola Soft Modem Driver can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows rndismp6.sys can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Desktop Window Manager can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Kerberos can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Kernel Memory can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Secure Boot Certificate Expiration can be exploited remotely to bypass security restrictions.
- A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
- A denial of service vulnerability in Windows Local Security Authority Subsystem Service (LSASS) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows HTTP.sys can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to gain privileges.
- A spoofing vulnerability in Microsoft Windows File Explorer can be exploited remotely to spoof user interface.
Original advisories
- CVE-2026-20919
- CVE-2026-20940
- CVE-2026-20856
- CVE-2026-20869
- CVE-2026-20934
- CVE-2026-20860
- CVE-2026-20821
- CVE-2026-20936
- CVE-2026-20848
- CVE-2026-20926
- CVE-2026-20931
- CVE-2026-20839
- CVE-2026-20921
- CVE-2026-20840
- CVE-2026-20927
- CVE-2026-20872
- CVE-2026-0386
- CVE-2026-20816
- CVE-2024-55414
- CVE-2026-20828
- CVE-2026-20805
- CVE-2026-20849
- CVE-2023-31096
- CVE-2026-20833
- CVE-2026-20868
- CVE-2026-20922
- CVE-2026-20820
- CVE-2026-20809
- CVE-2026-21265
- CVE-2026-20834
- CVE-2026-20875
- CVE-2026-20929
- CVE-2026-20843
- CVE-2026-20925
- CVE-2026-20847
- CVE-2026-20831
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
CVE list
- CVE-2023-31096 critical
- CVE-2024-55414 critical
- CVE-2026-0386 critical
- CVE-2026-20805 high
- CVE-2026-20809 critical
- CVE-2026-20816 high
- CVE-2026-20820 critical
- CVE-2026-20821 high
- CVE-2026-20824 high
- CVE-2026-20828 warning
- CVE-2026-20831 high
- CVE-2026-20833 high
- CVE-2026-20834 warning
- CVE-2026-20839 high
- CVE-2026-20840 critical
- CVE-2026-20843 critical
- CVE-2026-20847 high
- CVE-2026-20848 critical
- CVE-2026-20849 critical
- CVE-2026-20856 critical
- CVE-2026-20860 critical
- CVE-2026-20868 critical
- CVE-2026-20869 high
- CVE-2026-20872 high
- CVE-2026-20875 critical
- CVE-2026-20919 critical
- CVE-2026-20921 critical
- CVE-2026-20922 critical
- CVE-2026-20925 high
- CVE-2026-20926 critical
- CVE-2026-20927 high
- CVE-2026-20929 critical
- CVE-2026-20931 critical
- CVE-2026-20934 critical
- CVE-2026-20936 warning
- CVE-2026-20940 critical
- CVE-2026-21265 high
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!