Описание
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Windows Cryptographic Services can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
- A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
- An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows CNG Key Isolation Service can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Deployment Services can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Cryptographic Services can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
Первичный источник обнаружения
- CVE-2024-30020
CVE-2024-30010
CVE-2024-30027
CVE-2024-30025
CVE-2024-30050
CVE-2024-30015
CVE-2024-30038
CVE-2024-30037
CVE-2024-30014
CVE-2024-30009
CVE-2024-30022
CVE-2024-29996
CVE-2024-30028
CVE-2024-30019
CVE-2024-30039
CVE-2024-30031
CVE-2024-30029
CVE-2024-30036
CVE-2024-30030
CVE-2024-30006
CVE-2024-30024
CVE-2024-30016
CVE-2024-30011
CVE-2024-30023
CVE-2024-30049
Эксплуатация
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
Список CVE
- CVE-2024-30010 critical
- CVE-2024-30025 critical
- CVE-2024-30015 critical
- CVE-2024-30009 critical
- CVE-2024-30028 critical
- CVE-2024-30019 high
- CVE-2024-30039 high
- CVE-2024-30031 critical
- CVE-2024-30024 critical
- CVE-2024-30016 high
- CVE-2024-30011 high
- CVE-2024-30049 critical
- CVE-2024-30014 critical
- CVE-2024-30027 critical
- CVE-2024-30050 high
- CVE-2024-30038 critical
- CVE-2024-30037 critical
- CVE-2024-30022 critical
- CVE-2024-29996 critical
- CVE-2024-30029 critical
- CVE-2024-30006 critical
- CVE-2024-30023 critical
- CVE-2024-30036 high
- CVE-2024-30020 critical
- CVE-2024-30030 critical
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!