Kaspersky ID:
KLA67434
Дата обнаружения:
14/05/2024
Обновлено:
21/05/2024

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Windows Cryptographic Services can be exploited remotely to execute arbitrary code.
  2. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
  3. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
  4. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
  5. A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
  6. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
  7. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  8. A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
  9. An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to obtain sensitive information.
  10. An elevation of privilege vulnerability in Windows CNG Key Isolation Service can be exploited remotely to gain privileges.
  11. An information disclosure vulnerability in Windows Deployment Services can be exploited remotely to obtain sensitive information.
  12. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
  13. An information disclosure vulnerability in Windows Cryptographic Services can be exploited remotely to obtain sensitive information.
  14. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
  15. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.

Первичный источник обнаружения

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2024-30010
    critical
  • CVE-2024-30025
    critical
  • CVE-2024-30015
    critical
  • CVE-2024-30009
    critical
  • CVE-2024-30028
    critical
  • CVE-2024-30019
    high
  • CVE-2024-30039
    high
  • CVE-2024-30031
    critical
  • CVE-2024-30024
    critical
  • CVE-2024-30016
    high
  • CVE-2024-30011
    high
  • CVE-2024-30049
    critical
  • CVE-2024-30014
    critical
  • CVE-2024-30027
    critical
  • CVE-2024-30050
    high
  • CVE-2024-30038
    critical
  • CVE-2024-30037
    critical
  • CVE-2024-30022
    critical
  • CVE-2024-29996
    critical
  • CVE-2024-30029
    critical
  • CVE-2024-30006
    critical
  • CVE-2024-30023
    critical
  • CVE-2024-30036
    high
  • CVE-2024-30020
    critical
  • CVE-2024-30030
    critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.