Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows UPnP Device Host can be exploited remotely to gain privileges.
2. A remote code execution vulnerability in OpenType Font Parsing can be exploited remotely to execute arbitrary code.
3. An elevation of privilege vulnerability in Windows Update Stack Setup can be exploited remotely to gain privileges.
4. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
5. A remote code execution vulnerability in HEVC Video Extensions can be exploited remotely to execute arbitrary code.
6. An elevation of privilege vulnerability in Windows Update Service can be exploited remotely to gain privileges.
7. A denial of service vulnerability in User Profile Service can be exploited remotely to cause denial of service.
8. A security feature bypass vulnerability in Windows Admin Center can be exploited remotely to bypass security restrictions.
9. A denial of service vulnerability in Windows DNS Server can be exploited remotely to cause denial of service.
10. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges.
11. A remote code execution vulnerability in Application Virtualization can be exploited remotely to execute arbitrary code.
12. A remote code execution vulnerability in Windows DNS Server can be exploited remotely to execute arbitrary code.
13. An elevation of privilege vulnerability in Windows WalletService can be exploited remotely to gain privileges.
14. An information disclosure vulnerability in Windows Event Tracing can be exploited remotely to obtain sensitive information.
15. A security feature bypass vulnerability in Windows Extensible Firmware Interface can be exploited remotely to bypass security restrictions.
16. An elevation of privilege vulnerability in Windows Error Reporting can be exploited remotely to gain privileges.
17. An elevation of privilege vulnerability in DirectX can be exploited remotely to gain privileges.
18. An elevation of privilege vulnerability in Microsoft Windows Folder Redirection can be exploited remotely to gain privileges.
19. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
20. An information disclosure vulnerability in Windows Media Photo Codec can be exploited remotely to obtain sensitive information.
21. An elevation of privilege vulnerability in Windows Event Tracing can be exploited remotely to gain privileges.
22. An elevation of privilege vulnerability in Windows Virtual Registry Provider can be exploited remotely to gain privileges.
23. An elevation of privilege vulnerability in Windows Container Execution Agent can be exploited remotely to gain privileges.
24. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
25. An elevation of privilege vulnerability in Windows 10 Update Assistant can be exploited remotely to gain privileges.
26. An information disclosure vulnerability in Windows ActiveX Installer Service can be exploited remotely to obtain sensitive information.
27. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
28. An elevation of privilege vulnerability in Storage Spaces Controller can be exploited remotely to gain privileges.
29. A denial of service vulnerability in Windows NAT can be exploited remotely to cause denial of service.
30. An elevation of privilege vulnerability in Windows Projected File System can be exploited remotely to gain privileges.
31. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
32. A remote code execution vulnerability in Microsoft Windows Media Foundation can be exploited remotely to execute arbitrary code.
33. An elevation of privilege vulnerability in Remote Access API can be exploited remotely to gain privileges.
34. An elevation of privilege vulnerability in Windows App-V Overlay Filter can be exploited remotely to gain privileges.
35. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
36. An elevation of privilege vulnerability in Windows Overlay Filter can be exploited remotely to gain privileges.
37. An elevation of privilege vulnerability in Windows User Profile Service can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2021-26899
  CVE-2021-26876
  CVE-2021-1729
  CVE-2021-26875
  CVE-2021-27048
  CVE-2021-26866
  CVE-2021-26902
  CVE-2021-26886
  CVE-2021-27066
  CVE-2021-27063
  CVE-2021-27050
  CVE-2021-26889
  CVE-2021-26890
  CVE-2021-26895
  CVE-2021-26885
  CVE-2021-24107
  CVE-2021-26892
  CVE-2021-24090
  CVE-2021-24110
  CVE-2021-24095
  CVE-2021-26887
  CVE-2021-24089
  CVE-2021-26878
  CVE-2021-27077
  CVE-2021-26894
  CVE-2021-26884
  CVE-2021-26898
  CVE-2021-26864
  CVE-2021-27061
  CVE-2021-26865
  CVE-2021-26891
  CVE-2021-26893
  CVE-2021-26896
  CVE-2021-26867
  CVE-2021-27049
  CVE-2021-27070
  CVE-2021-26869
  CVE-2021-26868
  CVE-2021-26877
  CVE-2021-1640
  CVE-2021-27062
  CVE-2021-26880
  CVE-2021-26879
  CVE-2021-26870
  CVE-2021-26897
  CVE-2021-26872
  CVE-2021-26861
  CVE-2021-26901
  CVE-2021-27047
  CVE-2021-26881
  CVE-2021-26900
  CVE-2021-27051
  CVE-2021-26882
  CVE-2021-26871
  CVE-2021-26860
  CVE-2021-26863
  CVE-2021-26862
  CVE-2021-26874
  CVE-2021-26873
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2021-26899
  critical
• CVE-2021-26876
  critical
• CVE-2021-1729
  high
• CVE-2021-26875
  critical
• CVE-2021-27048
  critical
• CVE-2021-26866
  high
• CVE-2021-26902
  critical
• CVE-2021-26886
  high
• CVE-2021-27066
  warning
• CVE-2021-27063
  critical
• CVE-2021-27050
  critical
• CVE-2021-26889
  critical
• CVE-2021-26890
  critical
• CVE-2021-26895
  critical
• CVE-2021-26885
  critical
• CVE-2021-24107
  high
• CVE-2021-26892
  high
• CVE-2021-24090
  critical
• CVE-2021-24110
  critical
• CVE-2021-24095
  high
• CVE-2021-26887
  critical
• CVE-2021-24089
  critical
• CVE-2021-26878
  critical
• CVE-2021-27077
  critical
• CVE-2021-26894
  critical
• CVE-2021-26884
  high
• CVE-2021-26898
  critical
• CVE-2021-26864
  critical
• CVE-2021-27061
  critical
• CVE-2021-26865
  critical
• CVE-2021-26891
  critical
• CVE-2021-26893
  critical
• CVE-2021-26896
  critical
• CVE-2021-26867
  critical
• CVE-2021-27049
  critical
• CVE-2021-27070
  high
• CVE-2021-26869
  high
• CVE-2021-26868
  critical
• CVE-2021-26877
  critical
• CVE-2021-1640
  critical
• CVE-2021-27062
  critical
• CVE-2021-26880
  critical
• CVE-2021-26879
  critical
• CVE-2021-26870
  critical
• CVE-2021-26897
  critical
• CVE-2021-26872
  critical
• CVE-2021-26861
  critical
• CVE-2021-26901
  critical
• CVE-2021-27047
  critical
• CVE-2021-26881
  critical
• CVE-2021-26900
  critical
• CVE-2021-27051
  critical
• CVE-2021-26882
  critical
• CVE-2021-26871
  critical
• CVE-2021-26860
  critical
• CVE-2021-26863
  high
• CVE-2021-26862
  high
• CVE-2021-26874
  critical
• CVE-2021-26873
  high

Список KB

• 5000809
• 5000822
• 5000847
• 5000808
• 5000803
• 5000807
• 5000848
• 5000802
• 5000853
• 5000840

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com