Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges, spoof user interface, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Windows Kernel can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Windows Pragmatic General Multicast (PGM) can be exploited remotely to execute arbitrary code.
4. A denial of service vulnerability in Windows DNS Client can be exploited remotely to cause denial of service.
5. A remote code execution vulnerability in Microsoft ActiveX Data Objects can be exploited remotely to execute arbitrary code.
6. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
7. A DNSSEC verification vulnerability can be exploited remotely to cause denial of service.
8. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
9. An elevation of privilege vulnerability in Trusted Compute Base can be exploited remotely to gain privileges.
10. A denial of service vulnerability in Internet Connection Sharing (ICS) can be exploited remotely to cause denial of service.
11. A remote code execution vulnerability in Windows USB Generic Parent Driver can be exploited remotely to execute arbitrary code.
12. A remote code execution vulnerability in Microsoft WDAC ODBC Driver can be exploited remotely to execute arbitrary code.
13. An elevation of privilege vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to gain privileges.
14. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
15. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
16. A spoofing vulnerability in Windows Printing Service can be exploited remotely to spoof user interface.
17. A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
18. An information disclosure vulnerability in Windows DNS can be exploited remotely to obtain sensitive information.
19. A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
20. A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
21. A security feature bypass vulnerability in Windows Kernel can be exploited remotely to bypass security restrictions.
22. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
23. A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
24. A security feature bypass vulnerability in Windows SmartScreen can be exploited remotely to bypass security restrictions.
25. A security feature bypass vulnerability in Internet Shortcut Files can be exploited remotely to bypass security restrictions.

Первичный источник обнаружения

• CVE-2024-21341
  CVE-2024-21365
  CVE-2024-21342
  CVE-2024-21359
  CVE-2024-21368
  CVE-2024-21367
  CVE-2024-21349
  CVE-2024-21340
  CVE-2023-50387
  CVE-2024-21338
  CVE-2024-21304
  CVE-2024-21348
  CVE-2024-21339
  CVE-2024-21360
  CVE-2024-21370
  CVE-2024-21353
  CVE-2024-21405
  CVE-2024-21355
  CVE-2024-21420
  CVE-2024-21358
  CVE-2024-21361
  CVE-2024-21369
  CVE-2024-21346
  CVE-2024-21406
  CVE-2024-21350
  CVE-2024-21345
  CVE-2024-21344
  CVE-2024-21371
  CVE-2024-21377
  CVE-2024-21354
  CVE-2024-21356
  CVE-2024-21391
  CVE-2024-21372
  CVE-2024-21343
  CVE-2024-21352
  CVE-2024-21375
  CVE-2024-21362
  CVE-2024-21347
  CVE-2024-21366
  CVE-2024-21363
  CVE-2024-21351
  CVE-2024-21412
  CVE-2024-21357
  CVE-2024-20684
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11

Список CVE

• CVE-2024-21341
  high
• CVE-2024-21365
  critical
• CVE-2024-21357
  critical
• CVE-2024-21342
  critical
• CVE-2024-21359
  critical
• CVE-2024-21368
  critical
• CVE-2024-21367
  critical
• CVE-2024-21349
  critical
• CVE-2024-21340
  warning
• CVE-2023-50387
  critical
• CVE-2024-21338
  critical
• CVE-2024-21304
  warning
• CVE-2024-21348
  critical
• CVE-2024-21339
  high
• CVE-2024-21360
  critical
• CVE-2024-21370
  critical
• CVE-2024-21353
  critical
• CVE-2024-21405
  high
• CVE-2024-21355
  high
• CVE-2024-21420
  critical
• CVE-2024-21358
  critical
• CVE-2024-21361
  critical
• CVE-2024-20684
  high
• CVE-2024-21369
  critical
• CVE-2024-21346
  critical
• CVE-2024-21406
  critical
• CVE-2024-21350
  critical
• CVE-2024-21345
  critical
• CVE-2024-21344
  high
• CVE-2024-21371
  high
• CVE-2024-21377
  high
• CVE-2024-21354
  critical
• CVE-2024-21356
  high
• CVE-2024-21391
  critical
• CVE-2024-21372
  critical
• CVE-2024-21343
  critical
• CVE-2024-21352
  critical
• CVE-2024-21375
  critical
• CVE-2024-21362
  high
• CVE-2024-21347
  critical
• CVE-2024-21366
  critical
• CVE-2024-21363
  critical
• CVE-2024-21351
  critical
• CVE-2024-21412
  critical

Список KB

• 5034765
• 5034766
• 5034774
• 5034767
• 5034763
• 5034768
• 5034770
• 5034769

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com