Multiple vulnerabilities in Microsoft Products (ESU)

説明

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Windows Encrypting File System (EFS) can be exploited remotely to execute arbitrary code.
2. An information disclosure vulnerability in Microsoft Local Security Authority Server (lsasrv) can be exploited remotely to obtain sensitive information.
3. An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Windows Remote Access can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Windows NTFS can be exploited remotely to gain privileges.
7. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
8. A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
9. A memory corruption vulnerability in iSNS Server can be exploited remotely to execute arbitrary code.
10. An elevation of privilege vulnerability in Windows Encrypting File System (EFS) can be exploited remotely to gain privileges.
11. An information disclosure vulnerability in Windows Common Log File System Driver can be exploited remotely to obtain sensitive information.
12. An information disclosure vulnerability in Microsoft Message Queuing can be exploited remotely to obtain sensitive information.
13. A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
14. An elevation of privilege vulnerability in Windows Digital TV Tuner can be exploited remotely to gain privileges.
15. An elevation of privilege vulnerability in Windows Media Center can be exploited remotely to gain privileges.
16. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
17. A remote code execution vulnerability in Windows Event Tracing can be exploited remotely to execute arbitrary code.
18. An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges.

オリジナルアドバイザリー

• CVE-2021-43217

• CVE-2021-43216
• CVE-2021-43223
• CVE-2021-43238
• CVE-2021-43883
• CVE-2021-43229
• CVE-2021-43226
• CVE-2021-43234
• CVE-2021-43215
• CVE-2021-43893
• CVE-2021-43230
• CVE-2021-43224
• CVE-2021-43222
• CVE-2021-43233
• CVE-2021-43245
• CVE-2021-40441
• CVE-2021-41333
• CVE-2021-43236
• CVE-2021-43207
• CVE-2021-43232
• CVE-2021-43248

エクスプロイテーション

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

関連製品

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008

CVEリスト

• CVE-2021-43217
  critical
• CVE-2021-43216
  high
• CVE-2021-43223
  critical
• CVE-2021-43238
  critical
• CVE-2021-43883
  critical
• CVE-2021-43229
  critical
• CVE-2021-43226
  critical
• CVE-2021-43232
  critical
• CVE-2021-43234
  critical
• CVE-2021-43215
  critical
• CVE-2021-43893
  critical
• CVE-2021-43230
  critical
• CVE-2021-43224
  high
• CVE-2021-43222
  critical
• CVE-2021-43233
  critical
• CVE-2021-43245
  critical
• CVE-2021-40441
  critical
• CVE-2021-43248
  critical
• CVE-2021-41333
  critical
• CVE-2021-43236
  critical
• CVE-2021-43207
  critical

KBリスト

• 5008263
• 5008277
• 5008285
• 5008255
• 5008274
• 5008244
• 5008282
• 5008271
• 5015875
• 5015863
• 5015877
• 5015874
• 5015862
• 5015861

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com