Kaspersky ID:
KLA63958
Дата обнаружения:
13/02/2024
Обновлено:
16/04/2024

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges, spoof user interface, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Windows Kernel can be exploited remotely to execute arbitrary code.
  2. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
  3. A remote code execution vulnerability in Windows Pragmatic General Multicast (PGM) can be exploited remotely to execute arbitrary code.
  4. A denial of service vulnerability in Windows DNS Client can be exploited remotely to cause denial of service.
  5. A remote code execution vulnerability in Microsoft ActiveX Data Objects can be exploited remotely to execute arbitrary code.
  6. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  7. A DNSSEC verification vulnerability can be exploited remotely to cause denial of service.
  8. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  9. An elevation of privilege vulnerability in Trusted Compute Base can be exploited remotely to gain privileges.
  10. A denial of service vulnerability in Internet Connection Sharing (ICS) can be exploited remotely to cause denial of service.
  11. A remote code execution vulnerability in Windows USB Generic Parent Driver can be exploited remotely to execute arbitrary code.
  12. A remote code execution vulnerability in Microsoft WDAC ODBC Driver can be exploited remotely to execute arbitrary code.
  13. An elevation of privilege vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to gain privileges.
  14. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
  15. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  16. A spoofing vulnerability in Windows Printing Service can be exploited remotely to spoof user interface.
  17. A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
  18. An information disclosure vulnerability in Windows DNS can be exploited remotely to obtain sensitive information.
  19. A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
  20. A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
  21. A security feature bypass vulnerability in Windows Kernel can be exploited remotely to bypass security restrictions.
  22. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
  23. A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
  24. A security feature bypass vulnerability in Windows SmartScreen can be exploited remotely to bypass security restrictions.
  25. A security feature bypass vulnerability in Internet Shortcut Files can be exploited remotely to bypass security restrictions.
 
 

 

 

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2024-21341
    high
  • CVE-2024-21365
    critical
  • CVE-2024-21357
    critical
  • CVE-2024-21342
    critical
  • CVE-2024-21359
    critical
  • CVE-2024-21368
    critical
  • CVE-2024-21367
    critical
  • CVE-2024-21349
    critical
  • CVE-2024-21340
    warning
  • CVE-2023-50387
    critical
  • CVE-2024-21338
    critical
  • CVE-2024-21304
    warning
  • CVE-2024-21348
    critical
  • CVE-2024-21339
    high
  • CVE-2024-21360
    critical
  • CVE-2024-21370
    critical
  • CVE-2024-21353
    critical
  • CVE-2024-21405
    high
  • CVE-2024-21355
    high
  • CVE-2024-21420
    critical
  • CVE-2024-21358
    critical
  • CVE-2024-21361
    critical
  • CVE-2024-20684
    high
  • CVE-2024-21369
    critical
  • CVE-2024-21346
    critical
  • CVE-2024-21406
    critical
  • CVE-2024-21350
    critical
  • CVE-2024-21345
    critical
  • CVE-2024-21344
    high
  • CVE-2024-21371
    high
  • CVE-2024-21377
    high
  • CVE-2024-21354
    critical
  • CVE-2024-21356
    high
  • CVE-2024-21391
    critical
  • CVE-2024-21372
    critical
  • CVE-2024-21343
    critical
  • CVE-2024-21352
    critical
  • CVE-2024-21375
    critical
  • CVE-2024-21362
    high
  • CVE-2024-21347
    critical
  • CVE-2024-21366
    critical
  • CVE-2024-21363
    critical
  • CVE-2024-21351
    critical
  • CVE-2024-21412
    critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Confirm changes?
Your message has been sent successfully.