Description
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Active Directory Domain Services can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Remote Desktop Protocol (RDP) can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Fast FAT File System Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft COM for Windows can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Credential Security Support Provider Protocol (CredSSP) can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
Fiches de renseignement originales
- CVE-2021-41367
- CVE-2021-41371
- CVE-2021-38665
- CVE-2021-38666
- CVE-2021-42291
- CVE-2021-42278
- CVE-2021-41377
- CVE-2021-41379
- CVE-2021-42285
- CVE-2021-42283
- CVE-2021-42275
- CVE-2021-38631
- CVE-2021-41370
- CVE-2021-42287
- CVE-2021-41366
- CVE-2021-42284
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Produits associés
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
Liste CVE
- CVE-2021-42282 critical
- CVE-2021-41367 critical
- CVE-2021-41371 warning
- CVE-2021-38665 high
- CVE-2021-38666 critical
- CVE-2021-42291 critical
- CVE-2021-42278 critical
- CVE-2021-41377 critical
- CVE-2021-41379 critical
- CVE-2021-42285 critical
- CVE-2021-42283 critical
- CVE-2021-42275 critical
- CVE-2021-38631 warning
- CVE-2021-41370 critical
- CVE-2021-42287 critical
- CVE-2021-42284 critical
- CVE-2021-41366 critical
Liste KB
En savoir plus
Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !