Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Windows Mobile Broadband Driver can be exploited remotely to execute arbitrary code.
3. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
4. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
5. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
7. A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
8. An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to obtain sensitive information.
9. An elevation of privilege vulnerability in Windows CNG Key Isolation Service can be exploited remotely to gain privileges.
10. An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
11. An information disclosure vulnerability in Windows Cryptographic Services can be exploited remotely to obtain sensitive information.
12. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
13. An elevation of privilege vulnerability in Microsoft Windows SCSI Class System File can be exploited remotely to gain privileges.
14. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
15. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
16. An elevation of privilege vulnerability in Microsoft Brokering File System can be exploited remotely to gain privileges.
17. A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
18. An information disclosure vulnerability in Windows DWM Core Library can be exploited remotely to obtain sensitive information.
19. A security feature bypass vulnerability in Windows MSHTML Platform can be exploited remotely to bypass security restrictions.
20. An elevation of privilege vulnerability in Windows Search Service can be exploited remotely to gain privileges.
21. An information disclosure vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to obtain sensitive information.
22. An elevation of privilege vulnerability in Microsoft PLUGScheduler Scheduled Task can be exploited remotely to gain privileges.
23. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
24. An information disclosure vulnerability in Windows Deployment Services can be exploited remotely to obtain sensitive information.
25. A remote code execution vulnerability in Windows Cryptographic Services can be exploited remotely to execute arbitrary code.

Первичный источник обнаружения

• CVE-2024-30010
  CVE-2024-29999
  CVE-2024-29998
  CVE-2024-30025
  CVE-2024-30015
  CVE-2024-30018
  CVE-2024-30009
  CVE-2024-30021
  CVE-2024-30028
  CVE-2024-30019
  CVE-2024-30039
  CVE-2024-30031
  CVE-2024-30032
  CVE-2024-30004
  CVE-2024-30024
  CVE-2024-30016
  CVE-2024-30011
  CVE-2024-29994
  CVE-2024-30049
  CVE-2024-30014
  CVE-2024-30005
  CVE-2024-30003
  CVE-2024-30027
  CVE-2024-29997
  CVE-2024-30007
  CVE-2024-30051
  CVE-2024-30050
  CVE-2024-30017
  CVE-2024-30038
  CVE-2024-30000
  CVE-2024-30008
  CVE-2024-30037
  CVE-2024-30012
  CVE-2024-30022
  CVE-2024-29996
  CVE-2024-30040
  CVE-2024-30033
  CVE-2024-30034
  CVE-2024-30029
  CVE-2024-30035
  CVE-2024-26238
  CVE-2024-30006
  CVE-2024-30001
  CVE-2024-30023
  CVE-2024-30002
  CVE-2024-30036
  CVE-2024-30020
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11

Список CVE

• CVE-2024-30010
  critical
• CVE-2024-29999
  high
• CVE-2024-29998
  high
• CVE-2024-30025
  critical
• CVE-2024-30015
  critical
• CVE-2024-30018
  critical
• CVE-2024-30009
  critical
• CVE-2024-30021
  high
• CVE-2024-30028
  critical
• CVE-2024-30019
  high
• CVE-2024-30039
  high
• CVE-2024-30031
  critical
• CVE-2024-30032
  critical
• CVE-2024-30004
  high
• CVE-2024-30024
  critical
• CVE-2024-30016
  high
• CVE-2024-30011
  high
• CVE-2024-29994
  critical
• CVE-2024-30049
  critical
• CVE-2024-30014
  critical
• CVE-2024-30005
  high
• CVE-2024-30003
  high
• CVE-2024-30027
  critical
• CVE-2024-29997
  high
• CVE-2024-30007
  critical
• CVE-2024-30051
  critical
• CVE-2024-30050
  high
• CVE-2024-30017
  critical
• CVE-2024-30038
  critical
• CVE-2024-30000
  high
• CVE-2024-30008
  high
• CVE-2024-30037
  high
• CVE-2024-30012
  high
• CVE-2024-30022
  critical
• CVE-2024-29996
  critical
• CVE-2024-30040
  critical
• CVE-2024-30033
  high
• CVE-2024-30034
  high
• CVE-2024-30029
  critical
• CVE-2024-30035
  critical
• CVE-2024-26238
  critical
• CVE-2024-30006
  critical
• CVE-2024-30001
  high
• CVE-2024-30023
  critical
• CVE-2024-30002
  high
• CVE-2024-30036
  high
• CVE-2024-30020
  critical

Список KB

• 5037765
• 5037768
• 5037788
• 5037763
• 5037781
• 5037782
• 5037771
• 5037770
• 5037848

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com