Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Server for NFS can be exploited remotely to obtain sensitive information.
2. A remote code execution vulnerability in VP9 Video Extensions can be exploited remotely to execute arbitrary code.
3. An elevation of privilege vulnerability in Windows GPSVC can be exploited remotely to gain privileges.
4. An information disclosure vulnerability in Event Tracing for Windows can be exploited remotely to obtain sensitive information.
5. A remote code execution vulnerability in Windows MSHTML Platform can be exploited remotely to execute arbitrary code.
6. An elevation of privilege vulnerability in Microsoft Enhanced Cryptographic Provider can be exploited remotely to gain privileges.
7. A security feature bypass vulnerability in Windows TCP/IP Driver can be exploited remotely to bypass security restrictions.
8. An elevation of privilege vulnerability in Microsoft DWM Core Library can be exploited remotely to gain privileges.
9. A security feature bypass vulnerability in Windows HTML Platform can be exploited remotely to bypass security restrictions.
10. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
11. A security bypass vulnerability in Windows DCOM Server can be exploited remotely to bypass security restrictions.
12. An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
13. A denial of service vulnerability in Server for NFS can be exploited remotely to cause denial of service.
14. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
15. A security feature bypass vulnerability in Kerberos AppContainer can be exploited remotely to bypass security restrictions.
16. An elevation of privilege vulnerability in Windows NTFS can be exploited remotely to gain privileges.
17. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
18. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
19. An elevation of privilege vulnerability in Windows Filter Manager can be exploited remotely to gain privileges.
20. An information disclosure vulnerability in Windows Bind Filter Driver can be exploited remotely to obtain sensitive information.
21. A denial of service vulnerability in Windows Remote Desktop Services can be exploited remotely to cause denial of service.
22. An elevation of privilege vulnerability in Windows NTLM can be exploited remotely to gain privileges.
23. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
24. An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
25. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.

Первичный источник обнаружения

• CVE-2021-31975
  CVE-2021-31967
  CVE-2021-31973
  CVE-2021-31972
  CVE-2021-33742
  CVE-2021-31976
  CVE-2021-31199
  CVE-2021-31201
  CVE-2021-31970
  CVE-2021-33739
  CVE-2021-31971
  CVE-2021-31951
  CVE-2021-26414
  CVE-2021-31952
  CVE-2021-31974
  CVE-2021-31955
  CVE-2021-31962
  CVE-2021-31956
  CVE-2021-31954
  CVE-2021-1675
  CVE-2021-31953
  CVE-2021-31960
  CVE-2021-31968
  CVE-2021-31958
  CVE-2021-31959
  CVE-2021-31969
  CVE-2021-31977
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10

Список CVE

• CVE-2021-31956
  critical
• CVE-2021-31973
  critical
• CVE-2021-33742
  critical
• CVE-2021-31954
  critical
• CVE-2021-31201
  high
• CVE-2021-31199
  high
• CVE-2021-1675
  critical
• CVE-2021-31953
  critical
• CVE-2021-31968
  critical
• CVE-2021-31958
  critical
• CVE-2021-31971
  high
• CVE-2021-26414
  warning
• CVE-2021-31959
  high
• CVE-2021-31962
  critical
• CVE-2021-31975
  critical
• CVE-2021-31967
  critical
• CVE-2021-31972
  high
• CVE-2021-31976
  critical
• CVE-2021-31970
  high
• CVE-2021-33739
  critical
• CVE-2021-31951
  critical
• CVE-2021-31952
  critical
• CVE-2021-31974
  critical
• CVE-2021-31955
  high
• CVE-2021-31960
  high
• CVE-2021-31969
  critical
• CVE-2021-31977
  critical

Список KB

• 5003636
• 5003681
• 5003637
• 5003671
• 5003646
• 5003638
• 5003635
• 5003687
• 5014699
• 5014738
• 5014746
• 5014701
• 5023698
• 5023702
• 5023696
• 5023697
• 5023705
• 5023787

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com