Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Redirected Drive Buffering System can be exploited remotely to gain privileges.
2. An information disclosure vulnerability in Windows Redirected Drive Buffering SubSystem Driver can be exploited remotely to obtain sensitive information.
3. An information disclosure vulnerability in Windows Installer can be exploited remotely to obtain sensitive information.
4. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
5. A denial of service vulnerability in Windows Installer can be exploited remotely to cause denial of service.
6. An elevation of privilege vulnerability in Windows Event Tracing can be exploited remotely to gain privileges.
7. A security feature bypass vulnerability in BitLocker can be exploited remotely to bypass security restrictions.
8. A remote code execution vulnerability in Microsoft MPEG-2 Video Extension can be exploited remotely to execute arbitrary code.
9. An elevation of privilege vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to gain privileges.
10. A spoofing vulnerability in Windows Authenticode can be exploited remotely to spoof user interface.
11. An information disclosure vulnerability in Windows SMB can be exploited remotely to obtain sensitive information.
12. An elevation of privilege vulnerability in Microsoft Windows Update Client can be exploited remotely to gain privileges.
13. A memory corruption vulnerability in Windows Scripting Engine can be exploited remotely to execute arbitrary code.
14. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
15. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
16. An elevation of privilege vulnerability in Windows SMB can be exploited remotely to gain privileges.
17. An information disclosure vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to obtain sensitive information.
18. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
19. An elevation of privilege vulnerability in Windows Subsystem for Linux can be exploited remotely to gain privileges.
20. A remote code execution vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to execute arbitrary code.
21. A security feature bypass vulnerability in Windows Key Storage Provider can be exploited remotely to bypass security restrictions.
22. A remote code execution vulnerability in HEVC Video Extensions can be exploited remotely to execute arbitrary code.
23. An elevation of privilege vulnerability in Windows Bind Filter Driver can be exploited remotely to gain privileges.
24. An information disclosure vulnerability in Windows Storage can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2021-36973
  CVE-2021-38635
  CVE-2021-36962
  CVE-2021-38628
  CVE-2021-36961
  CVE-2021-38638
  CVE-2021-36964
  CVE-2021-38632
  CVE-2021-38644
  CVE-2021-36967
  CVE-2021-36959
  CVE-2021-36960
  CVE-2021-38636
  CVE-2021-38634
  CVE-2021-36972
  CVE-2021-36969
  CVE-2021-26435
  CVE-2021-36955
  CVE-2021-38630
  CVE-2021-38671
  CVE-2021-40447
  CVE-2021-36974
  CVE-2021-38629
  CVE-2021-38639
  CVE-2021-36966
  CVE-2021-38667
  CVE-2021-36965
  CVE-2021-36963
  CVE-2021-38624
  CVE-2021-38661
  CVE-2021-36954
  CVE-2021-38633
  CVE-2021-36975
  CVE-2021-38637
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008
• Windows-RT
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019

Список CVE

• CVE-2021-38635
  unknown
• CVE-2021-36962
  unknown
• CVE-2021-38628
  unknown
• CVE-2021-36961
  unknown
• CVE-2021-38671
  unknown
• CVE-2021-26435
  unknown
• CVE-2021-38630
  unknown
• CVE-2021-36969
  unknown
• CVE-2021-36955
  unknown
• CVE-2021-38638
  unknown
• CVE-2021-36964
  unknown
• CVE-2021-38629
  unknown
• CVE-2021-40447
  unknown
• CVE-2021-38639
  unknown
• CVE-2021-36959
  unknown
• CVE-2021-38667
  unknown
• CVE-2021-38636
  unknown
• CVE-2021-36960
  unknown
• CVE-2021-36965
  unknown
• CVE-2021-36963
  unknown
• CVE-2021-38633
  unknown
• CVE-2021-36973
  unknown
• CVE-2021-38632
  unknown
• CVE-2021-38644
  unknown
• CVE-2021-36967
  unknown
• CVE-2021-38634
  unknown
• CVE-2021-36972
  unknown
• CVE-2021-36974
  unknown
• CVE-2021-36966
  unknown
• CVE-2021-38624
  unknown
• CVE-2021-38661
  unknown
• CVE-2021-36954
  unknown
• CVE-2021-36975
  unknown
• CVE-2021-38637
  unknown

Список KB

• 5005613
• 5005568
• 5005575
• 5005627
• 5005565
• 5005623
• 5005573
• 5005569
• 5005566
• 5005607
• 5006699
• 5006672
• 5006674
• 5006670
• 5006667

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com