Описание
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Kernel Streaming Service Driver can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
- A spoofing vulnerability in Windows MSHTML Platform can be exploited remotely to spoof user interface.
- A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Microsoft Windows Admin Center can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Windows Security Zone Mapping can be exploited remotely to bypass security restrictions.
- An information disclosure vulnerability in Windows Kernel-Mode Driver can be exploited remotely to obtain sensitive information.
- A spoofing vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to spoof user interface.
- An information disclosure vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Networking can be exploited remotely to cause denial of service.
Первичный источник обнаружения
- CVE-2024-38250
CVE-2024-43454
CVE-2024-38260
CVE-2024-38247
CVE-2024-38230
CVE-2024-38245
CVE-2024-38231
CVE-2024-38014
CVE-2024-43487
CVE-2024-43461
CVE-2024-38236
CVE-2024-38240
CVE-2024-43475
CVE-2024-38239
CVE-2024-38263
CVE-2024-30073
CVE-2024-38256
CVE-2024-43455
CVE-2024-38217
CVE-2024-38249
CVE-2024-38258
CVE-2024-43467
CVE-2024-38234
Эксплуатация
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-Server-2008
Список CVE
- CVE-2024-38250 critical
- CVE-2024-43454 high
- CVE-2024-38260 critical
- CVE-2024-38247 critical
- CVE-2024-38230 high
- CVE-2024-38245 critical
- CVE-2024-38231 high
- CVE-2024-38014 critical
- CVE-2024-43487 high
- CVE-2024-43461 critical
- CVE-2024-38236 critical
- CVE-2024-38240 critical
- CVE-2024-43475 high
- CVE-2024-38239 high
- CVE-2024-38263 critical
- CVE-2024-30073 critical
- CVE-2024-38256 high
- CVE-2024-43455 critical
- CVE-2024-38217 high
- CVE-2024-38249 critical
- CVE-2024-38258 high
- CVE-2024-43467 critical
- CVE-2024-38234 high
Список KB
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!