Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, obtain sensitive information, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A denial of service vulnerability in Windows Trust Verification API can be exploited remotely to cause denial of service.
2. An elevation of privilege vulnerability in Windows Event Tracing can be exploited remotely to gain privileges.
3. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
4. An information disclosure vulnerability in Windows Remote Procedure Call can be exploited remotely to obtain sensitive information.
5. An elevation of privilege vulnerability in Windows PKU2U can be exploited remotely to gain privileges.
6. A denial of service vulnerability in Windows TCP/IP can be exploited remotely to cause denial of service.
7. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
8. A remote code execution vulnerability in Windows TCP/IP can be exploited remotely to execute arbitrary code.
9. An information disclosure vulnerability in Microsoft Windows VMSwitch can be exploited remotely to obtain sensitive information.
10. A remote code execution vulnerability in Windows DNS Server can be exploited remotely to execute arbitrary code.
11. An information disclosure vulnerability in Windows Mobile Device Management can be exploited remotely to obtain sensitive information.
12. A denial of service vulnerability in Windows Network File System can be exploited remotely to cause denial of service.
13. A security feature bypass vulnerability in Microsoft.PowerShell.Utility Module WDAC can be exploited remotely to bypass security restrictions.
14. A security feature bypass vulnerability in PFX Encryption can be exploited remotely to bypass security restrictions.
15. A remote code execution vulnerability in Windows Address Book can be exploited remotely to execute arbitrary code.
16. An information disclosure vulnerability in Windows Backup Engine can be exploited remotely to obtain sensitive information.
17. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
18. A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
19. A denial of service vulnerability in Windows Console Driver can be exploited remotely to cause denial of service.
20. A remote code execution vulnerability in Windows Local Spooler can be exploited remotely to execute arbitrary code.
21. A remote code execution vulnerability in Microsoft Windows Codecs Library can be exploited remotely to execute arbitrary code.
22. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
23. An information disclosure vulnerability in Windows DirectX can be exploited remotely to obtain sensitive information.
24. A remote code execution vulnerability in Windows Camera Codec Pack can be exploited remotely to execute arbitrary code.
25. A security feature bypass vulnerability in Microsoft Windows can be exploited remotely to bypass security restrictions.

Первичный источник обнаружения

• CVE-2021-24080
  CVE-2021-24103
  CVE-2021-24093
  CVE-2021-1734
  CVE-2021-25195
  CVE-2021-24086
  CVE-2021-1727
  CVE-2021-24102
  CVE-2021-24094
  CVE-2021-24076
  CVE-2021-24078
  CVE-2021-24084
  CVE-2021-24075
  CVE-2021-24082
  CVE-2021-1731
  CVE-2021-24083
  CVE-2021-24079
  CVE-2021-24096
  CVE-2021-1722
  CVE-2021-24098
  CVE-2021-24074
  CVE-2021-24088
  CVE-2021-24081
  CVE-2021-24077
  CVE-2021-1698
  CVE-2021-24106
  CVE-2021-1732
  CVE-2021-24091
  CVE-2020-17162
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2021-24080
  high
• CVE-2021-24103
  critical
• CVE-2021-24093
  critical
• CVE-2021-1734
  critical
• CVE-2021-25195
  critical
• CVE-2021-24086
  critical
• CVE-2021-1727
  critical
• CVE-2021-24102
  critical
• CVE-2021-24094
  critical
• CVE-2021-24076
  high
• CVE-2021-24078
  critical
• CVE-2021-24084
  high
• CVE-2021-24075
  high
• CVE-2021-24082
  warning
• CVE-2021-1731
  high
• CVE-2021-24083
  critical
• CVE-2021-24079
  high
• CVE-2021-24096
  critical
• CVE-2021-1722
  critical
• CVE-2021-24098
  high
• CVE-2021-24074
  critical
• CVE-2021-24088
  critical
• CVE-2021-24081
  critical
• CVE-2021-24077
  critical
• CVE-2021-1698
  critical
• CVE-2021-24106
  high
• CVE-2021-1732
  critical
• CVE-2021-24091
  critical
• CVE-2020-17162
  critical

Список KB

• 4571756
• 4570333
• 4577032
• 4577049
• 4577015
• 4577066
• 4574727
• 4577071
• 4601354
• 4601319
• 4601315
• 4601345
• 4601318
• 4601384
• 4601349
• 4601331
• 5008218
• 5008206
• 5008212

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com