Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Windows Event Tracing can be exploited remotely to obtain sensitive information.
2. A security feature bypass vulnerability in Windows Early Launch Antimalware Driver can be exploited remotely to bypass security restrictions.
3. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
4. A remote code execution vulnerability in Remote Procedure Call Runtime can be exploited remotely to execute arbitrary code.
5. A security feature bypass vulnerability in Azure AD Web Sign-in can be exploited remotely to bypass security restrictions.
6. A remote code execution vulnerability in Raw Image Extension can be exploited remotely to execute arbitrary code.
7. A denial of service vulnerability in Windows Console Driver can be exploited remotely to cause denial of service.
8. An information disclosure vulnerability in Windows Overlay Filter can be exploited remotely to obtain sensitive information.
9. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
10. A remote code execution vulnerability in Windows Media Video Decoder can be exploited remotely to execute arbitrary code.
11. A spoofing vulnerability in Windows Installer can be exploited remotely to spoof user interface.
12. A remote code execution vulnerability in Microsoft Internet Messaging API can be exploited remotely to execute arbitrary code.
13. A security feature bypass vulnerability in Windows Hyper-V can be exploited remotely to bypass security restrictions.
14. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
15. An elevation of privilege vulnerability in RPC Endpoint Mapper Service can be exploited remotely to gain privileges.
16. An information disclosure vulnerability in Windows SMB can be exploited remotely to obtain sensitive information.
17. An information disclosure vulnerability in Windows Hyper-V can be exploited remotely to obtain sensitive information.
18. An elevation of privilege vulnerability in Windows Resource Manager PSM Service Extension can be exploited remotely to gain privileges.
19. An elevation of privilege vulnerability in Diagnostics Hub Standard Collector Service can be exploited remotely to gain privileges.
20. A remote code execution vulnerability in Windows GDI+ can be exploited remotely to execute arbitrary code.
21. An elevation of privilege vulnerability in Windows Services and Controller App can be exploited remotely to gain privileges.
22. An information disclosure vulnerability in Windows Media Photo Codec can be exploited remotely to obtain sensitive information.
23. An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
24. A denial of service vulnerability in Windows NTFS can be exploited remotely to cause denial of service.
25. An information disclosure vulnerability in Windows Portmapping can be exploited remotely to obtain sensitive information.
26. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
27. An elevation of privilege vulnerability in Windows Event Tracing can be exploited remotely to gain privileges.
28. A denial of service vulnerability in Windows TCP/IP Driver can be exploited remotely to cause denial of service.
29. A denial of service vulnerability in Windows Application Compatibility Cache can be exploited remotely to cause denial of service.
30. An information disclosure vulnerability in Windows DNS can be exploited remotely to obtain sensitive information.
31. An elevation of privilege vulnerability in Windows Secure Kernel Mode can be exploited remotely to gain privileges.
32. An elevation of privilege vulnerability in Windows Speech Runtime can be exploited remotely to gain privileges.
33. An information disclosure vulnerability in Microsoft Windows Codecs Library can be exploited remotely to obtain sensitive information.
34. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
35. A remote code execution vulnerability in VP9 Video Extensions can be exploited remotely to execute arbitrary code.
36. An information disclosure vulnerability in Windows Installer can be exploited remotely to obtain sensitive information.
37. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
38. A security feature bypass vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to bypass security restrictions.
39. A denial of service vulnerability in Windows AppX Deployment Server can be exploited remotely to cause denial of service.
40. A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
41. An information disclosure vulnerability in Windows TCP/IP can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2021-28435
  CVE-2021-28447
  CVE-2021-27096
  CVE-2021-28330
  CVE-2021-28338
  CVE-2021-27092
  CVE-2021-28329
  CVE-2021-28468
  CVE-2021-28438
  CVE-2021-26417
  CVE-2021-28332
  CVE-2021-28309
  CVE-2021-28342
  CVE-2021-27095
  CVE-2021-28334
  CVE-2021-26413
  CVE-2021-27089
  CVE-2021-27094
  CVE-2021-28358
  CVE-2021-28444
  CVE-2021-28336
  CVE-2021-28440
  CVE-2021-27091
  CVE-2021-28325
  CVE-2021-28441
  CVE-2021-28320
  CVE-2021-28322
  CVE-2021-28350
  CVE-2021-28335
  CVE-2021-28352
  CVE-2021-27086
  CVE-2021-27079
  CVE-2021-28340
  CVE-2021-28318
  CVE-2021-28312
  CVE-2021-28446
  CVE-2021-27072
  CVE-2021-28331
  CVE-2021-27088
  CVE-2021-28319
  CVE-2021-28311
  CVE-2021-28466
  CVE-2021-28356
  CVE-2021-28328
  CVE-2021-28349
  CVE-2021-28439
  CVE-2021-28313
  CVE-2021-28315
  CVE-2021-28344
  CVE-2021-27090
  CVE-2021-28355
  CVE-2021-28339
  CVE-2021-28351
  CVE-2021-28347
  CVE-2021-27093
  CVE-2021-28317
  CVE-2021-28345
  CVE-2021-28314
  CVE-2021-28464
  CVE-2021-28333
  CVE-2021-28323
  CVE-2021-28434
  CVE-2021-28437
  CVE-2021-26416
  CVE-2021-28316
  CVE-2021-28341
  CVE-2021-28321
  CVE-2021-28436
  CVE-2021-28337
  CVE-2021-28357
  CVE-2021-28310
  CVE-2021-28324
  CVE-2021-28326
  CVE-2021-28445
  CVE-2021-28346
  CVE-2021-28327
  CVE-2021-28353
  CVE-2021-26415
  CVE-2021-28443
  CVE-2021-28442
  CVE-2021-28348
  CVE-2021-28354
  CVE-2021-28343
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Visual-Studio
• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2021-28435
  high
• CVE-2021-28447
  warning
• CVE-2021-27096
  critical
• CVE-2021-28330
  critical
• CVE-2021-28338
  critical
• CVE-2021-27092
  high
• CVE-2021-28329
  critical
• CVE-2021-28468
  critical
• CVE-2021-28438
  high
• CVE-2021-26417
  high
• CVE-2021-28332
  critical
• CVE-2021-28309
  high
• CVE-2021-28342
  critical
• CVE-2021-27095
  critical
• CVE-2021-28334
  critical
• CVE-2021-26413
  high
• CVE-2021-27089
  critical
• CVE-2021-27094
  warning
• CVE-2021-28358
  critical
• CVE-2021-28444
  high
• CVE-2021-28336
  critical
• CVE-2021-28440
  high
• CVE-2021-27091
  critical
• CVE-2021-28325
  high
• CVE-2021-28441
  high
• CVE-2021-28320
  critical
• CVE-2021-28322
  critical
• CVE-2021-28350
  critical
• CVE-2021-28335
  critical
• CVE-2021-28352
  critical
• CVE-2021-27086
  critical
• CVE-2021-27079
  high
• CVE-2021-28340
  critical
• CVE-2021-28318
  high
• CVE-2021-28312
  warning
• CVE-2021-28446
  high
• CVE-2021-27072
  high
• CVE-2021-28331
  critical
• CVE-2021-27088
  critical
• CVE-2021-28319
  critical
• CVE-2021-28311
  high
• CVE-2021-28466
  critical
• CVE-2021-28356
  critical
• CVE-2021-28328
  high
• CVE-2021-28349
  critical
• CVE-2021-28439
  critical
• CVE-2021-28313
  critical
• CVE-2021-28315
  critical
• CVE-2021-28344
  critical
• CVE-2021-27090
  critical
• CVE-2021-28355
  critical
• CVE-2021-28339
  critical
• CVE-2021-28351
  critical
• CVE-2021-28347
  critical
• CVE-2021-27093
  high
• CVE-2021-28317
  high
• CVE-2021-28345
  critical
• CVE-2021-28314
  critical
• CVE-2021-28464
  critical
• CVE-2021-28333
  critical
• CVE-2021-28323
  high
• CVE-2021-28434
  critical
• CVE-2021-28437
  high
• CVE-2021-26416
  critical
• CVE-2021-28316
  warning
• CVE-2021-28341
  critical
• CVE-2021-28321
  critical
• CVE-2021-28436
  critical
• CVE-2021-28337
  critical
• CVE-2021-28357
  critical
• CVE-2021-28310
  critical
• CVE-2021-28324
  critical
• CVE-2021-28326
  high
• CVE-2021-28445
  critical
• CVE-2021-28346
  critical
• CVE-2021-28327
  critical
• CVE-2021-28353
  critical
• CVE-2021-26415
  critical
• CVE-2021-28443
  high
• CVE-2021-28442
  high
• CVE-2021-28348
  critical
• CVE-2021-28354
  critical
• CVE-2021-28343
  critical

Список KB

• 5001347
• 5001330
• 5001337
• 5001383
• 5001387
• 5001393
• 5001342
• 5001382
• 5001339
• 5001340

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com