Multiple vulnerabilities in Microsoft Windows

説明

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code, gain privileges, obtain sensitive information, bypass security restrictions, spoof user interface.

Below is a complete list of vulnerabilities:

1. A denial of service vulnerability in Microsoft AllJoyn API can be exploited remotely to cause denial of service.
2. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
4. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
7. An elevation of privilege vulnerability in Windows Composite Image File System (CimFS) can be exploited remotely to gain privileges.
8. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges.
9. An information disclosure vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to obtain sensitive information.
10. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
11. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
12. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
13. A remote code execution vulnerability in Windows USB Attached SCSI (UAS) Protocol can be exploited remotely to execute arbitrary code.
14. An elevation of privilege vulnerability in Windows Error Reporting Service can be exploited remotely to gain privileges.
15. A denial of service vulnerability in Windows Kernel can be exploited remotely to cause denial of service.
16. An information disclosure vulnerability in RFDS can be exploited remotely to obtain sensitive information.
17. An elevation of privilege vulnerability in Windows USB Print Driver can be exploited remotely to gain privileges.
18. An elevation of privilege vulnerability in Windows Telephony Server can be exploited remotely to gain privileges.
19. A denial of service vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to cause denial of service.
20. An elevation of privilege vulnerability in Microsoft Windows SCSI Class System File can be exploited remotely to gain privileges.
21. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
22. A security feature bypass vulnerability in Hypervisor-Protected Code Integrity (HVCI) can be exploited remotely to bypass security restrictions.
23. A security feature bypass vulnerability in Windows Kerberos can be exploited remotely to bypass security restrictions.
24. A remote code execution vulnerability in Windows USB Hub Driver can be exploited remotely to execute arbitrary code.
25. A tampering vulnerability in Windows Compressed Folder can be exploited remotely to spoof user interface.
26. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
27. A denial of service vulnerability in Microsoft QUIC can be exploited remotely to cause denial of service.
28. A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.

オリジナルアドバイザリー

• CVE-2024-21438

• CVE-2024-21441
• CVE-2024-26162
• CVE-2024-21446
• CVE-2024-21443
• CVE-2024-21440
• CVE-2024-26182
• CVE-2024-21433
• CVE-2024-21444
• CVE-2024-26173
• CVE-2024-26170
• CVE-2024-21432
• CVE-2024-26160
• CVE-2024-21437
• CVE-2024-21408
• CVE-2024-21407
• CVE-2024-21430
• CVE-2024-26169
• CVE-2024-26181
• CVE-2023-28746
• CVE-2024-26178
• CVE-2024-21445
• CVE-2024-21439
• CVE-2024-26197
• CVE-2024-21434
• CVE-2024-21450
• CVE-2024-26161
• CVE-2024-26159
• CVE-2024-21442
• CVE-2024-26177
• CVE-2024-26176
• CVE-2024-26174
• CVE-2024-21431
• CVE-2024-21427
• CVE-2024-21429
• CVE-2024-21451
• CVE-2024-26185
• CVE-2024-21436
• CVE-2024-26190
• CVE-2024-21435
• CVE-2024-26166

エクスプロイテーション

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

関連製品

• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11

CVEリスト

• CVE-2024-21439
  high
• CVE-2024-26197
  high
• CVE-2024-21441
  critical
• CVE-2024-21450
  critical
• CVE-2024-26161
  critical
• CVE-2024-26162
  critical
• CVE-2024-21446
  critical
• CVE-2024-26166
  critical
• CVE-2024-26159
  critical
• CVE-2024-21440
  critical
• CVE-2024-26177
  high
• CVE-2024-21433
  high
• CVE-2024-21444
  critical
• CVE-2024-26176
  critical
• CVE-2024-26173
  critical
• CVE-2024-21432
  high
• CVE-2024-21430
  high
• CVE-2024-26174
  high
• CVE-2024-21437
  critical
• CVE-2024-21407
  critical
• CVE-2024-21427
  critical
• CVE-2024-21429
  high
• CVE-2024-21451
  critical
• CVE-2024-26169
  critical
• CVE-2024-21436
  critical
• CVE-2024-26181
  high
• CVE-2023-28746
  high
• CVE-2024-26178
  critical
• CVE-2024-21438
  critical
• CVE-2024-21443
  high
• CVE-2024-26182
  critical
• CVE-2024-26170
  critical
• CVE-2024-26160
  high
• CVE-2024-21408
  high
• CVE-2024-21445
  high
• CVE-2024-21434
  critical
• CVE-2024-21442
  critical
• CVE-2024-21431
  high
• CVE-2024-26185
  high
• CVE-2024-26190
  critical
• CVE-2024-21435
  critical

KBリスト

• 5035855
• 5035856
• 5035853
• 5035854
• 5035849
• 5035857
• 5035959
• 5035858
• 5035845
• 5036899
• 5036909
• 5036910
• 5036896

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com