Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, spoof user interface, bypass security restrictions, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
3. A denial of service vulnerability in Microsoft Virtual Hard Disk (VHDX) can be exploited remotely to cause denial of service.
4. An elevation of privilege vulnerability in Microsoft Windows VMSwitch can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Windows USB Video Class System Driver can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
7. A remote code execution vulnerability in Windows Telephony Service can be exploited remotely to execute arbitrary code.
8. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
9. An elevation of privilege vulnerability in Windows Registry can be exploited remotely to gain privileges.
10. A spoofing vulnerability in Windows DNS can be exploited remotely to spoof user interface.
11. An elevation of privilege vulnerability in Windows Secure Kernel Mode can be exploited remotely to gain privileges.
12. An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
13. A remote code execution vulnerability in Windows KDC Proxy can be exploited remotely to execute arbitrary code.
14. An elevation of privilege vulnerability in Windows NT OS Kernel can be exploited remotely to gain privileges.
15. An elevation of privilege vulnerability in Windows Client-Side Caching can be exploited remotely to gain privileges.
16. An elevation of privilege vulnerability in Windows Hyper-V Shared Virtual Disk can be exploited remotely to gain privileges.
17. A denial of service vulnerability in Windows SMB can be exploited remotely to cause denial of service.
18. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
19. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
20. An elevation of privilege vulnerability in Windows Telephony Service can be exploited remotely to gain privileges.
21. A security feature bypass vulnerability in Windows Defender Application Control (WDAC) can be exploited remotely to bypass security restrictions.
22. A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
23. A remote code execution vulnerability in Windows SMBv3 Server can be exploited remotely to execute arbitrary code.
24. An elevation of privilege vulnerability in Windows Task Scheduler can be exploited remotely to gain privileges.
25. An elevation of privilege vulnerability in Active Directory Certificate Services can be exploited remotely to gain privileges.
26. An information disclosure vulnerability in Windows Package Library Manager can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2024-43530
  CVE-2024-43636
  CVE-2024-38264
  CVE-2024-43625
  CVE-2024-43643
  CVE-2024-43449
  CVE-2024-43629
  CVE-2024-43621
  CVE-2024-43633
  CVE-2024-43638
  CVE-2024-43452
  CVE-2024-43450
  CVE-2024-43620
  CVE-2024-43646
  CVE-2024-43640
  CVE-2024-43639
  CVE-2024-43623
  CVE-2024-43644
  CVE-2024-43624
  CVE-2024-43635
  CVE-2024-43642
  CVE-2024-43630
  CVE-2024-49046
  CVE-2024-43626
  CVE-2024-43645
  CVE-2024-43641
  CVE-2024-43451
  CVE-2024-43627
  CVE-2024-43447
  CVE-2024-49039
  CVE-2024-43631
  CVE-2024-43634
  CVE-2024-43637
  CVE-2024-43622
  CVE-2024-49019
  CVE-2024-43628
  CVE-2024-38203
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11
• Microsoft-Windows-Server-2022

Список CVE

• CVE-2024-43635
  high
• CVE-2024-43636
  high
• CVE-2024-43626
  high
• CVE-2024-49046
  high
• CVE-2024-43643
  high
• CVE-2024-43449
  high
• CVE-2024-43641
  high
• CVE-2024-43621
  high
• CVE-2024-43638
  high
• CVE-2024-43451
  high
• CVE-2024-43627
  high
• CVE-2024-43452
  high
• CVE-2024-43450
  high
• CVE-2024-43620
  high
• CVE-2024-43634
  high
• CVE-2024-43639
  critical
• CVE-2024-43637
  high
• CVE-2024-43622
  high
• CVE-2024-49019
  high
• CVE-2024-43628
  high
• CVE-2024-38203
  high
• CVE-2024-43623
  high
• CVE-2024-43644
  high
• CVE-2024-43530
  high
• CVE-2024-38264
  high
• CVE-2024-43625
  high
• CVE-2024-43629
  high
• CVE-2024-43633
  high
• CVE-2024-43646
  high
• CVE-2024-43640
  high
• CVE-2024-43624
  high
• CVE-2024-43642
  high
• CVE-2024-43630
  high
• CVE-2024-43645
  high
• CVE-2024-43447
  high
• CVE-2024-49039
  high
• CVE-2024-43631
  high

Список KB

• 5046633
• 5046616
• 5046615
• 5046613
• 5046618
• 5046696
• 5046612
• 5046617
• 5046665

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com