Multiple vulnerabilities in Microsoft Products (ESU)

説明

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows NTFS can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in Windows GPSVC can be exploited remotely to gain privileges.
3. A remote code execution vulnerability in Windows MSHTML Platform can be exploited remotely to execute arbitrary code.
4. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Microsoft Enhanced Cryptographic Provider can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
7. An elevation of privilege vulnerability in Windows Filter Manager can be exploited remotely to gain privileges.
8. A denial of service vulnerability in Windows Remote Desktop Services can be exploited remotely to cause denial of service.
9. An elevation of privilege vulnerability in Windows NTLM can be exploited remotely to gain privileges.
10. A security feature bypass vulnerability in Windows HTML Platform can be exploited remotely to bypass security restrictions.
11. A security bypass vulnerability in Windows DCOM Server can be exploited remotely to bypass security restrictions.
12. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
13. A security feature bypass vulnerability in Kerberos AppContainer can be exploited remotely to bypass security restrictions.
14. An information disclosure vulnerability in Server for NFS can be exploited remotely to obtain sensitive information.
15. A denial of service vulnerability in Server for NFS can be exploited remotely to cause denial of service.
16. A security feature bypass vulnerability in Windows TCP/IP Driver can be exploited remotely to bypass security restrictions.
17. An information disclosure vulnerability in Event Tracing for Windows can be exploited remotely to obtain sensitive information.

オリジナルアドバイザリー

• CVE-2021-31956

• CVE-2021-31973
• CVE-2021-33742
• CVE-2021-31954
• CVE-2021-31201
• CVE-2021-31199
• CVE-2021-1675
• CVE-2021-31953
• CVE-2021-31968
• CVE-2021-31958
• CVE-2021-31971
• CVE-2021-26414
• CVE-2021-31959
• CVE-2021-31962
• CVE-2021-31976
• CVE-2021-31974
• CVE-2021-31975
• CVE-2021-31970
• CVE-2021-31972

エクスプロイテーション

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

関連製品

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008

CVEリスト

• CVE-2021-31956
  critical
• CVE-2021-31973
  critical
• CVE-2021-33742
  critical
• CVE-2021-31954
  critical
• CVE-2021-31201
  critical
• CVE-2021-31199
  critical
• CVE-2021-1675
  critical
• CVE-2021-31953
  critical
• CVE-2021-31968
  critical
• CVE-2021-31958
  critical
• CVE-2021-31971
  critical
• CVE-2021-26414
  high
• CVE-2021-31959
  critical
• CVE-2021-31962
  critical
• CVE-2021-31975
  critical
• CVE-2021-31972
  high
• CVE-2021-31976
  critical
• CVE-2021-31970
  high
• CVE-2021-31974
  critical

KBリスト

• 5003695
• 5003636
• 5003661
• 5003667
• 5003694
• 5003681
• 5003671
• 5003696
• 5003697
• 5014742
• 5014748
• 5023752
• 5023764
• 5023756
• 5023765
• 5023755
• 5023754
• 5023759
• 5023769

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com