Kaspersky ID:
KLA77112
Дата обнаружения:
12/11/2024
Обновлено:
11/12/2024

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, spoof user interface, bypass security restrictions, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Windows Update Stack can be exploited remotely to gain privileges.
  2. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  3. A denial of service vulnerability in Microsoft Virtual Hard Disk (VHDX) can be exploited remotely to cause denial of service.
  4. An elevation of privilege vulnerability in Microsoft Windows VMSwitch can be exploited remotely to gain privileges.
  5. An elevation of privilege vulnerability in Windows USB Video Class System Driver can be exploited remotely to gain privileges.
  6. An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
  7. A remote code execution vulnerability in Windows Telephony Service can be exploited remotely to execute arbitrary code.
  8. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
  9. An elevation of privilege vulnerability in Windows Registry can be exploited remotely to gain privileges.
  10. A spoofing vulnerability in Windows DNS can be exploited remotely to spoof user interface.
  11. An elevation of privilege vulnerability in Windows Secure Kernel Mode can be exploited remotely to gain privileges.
  12. An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
  13. A remote code execution vulnerability in Windows KDC Proxy can be exploited remotely to execute arbitrary code.
  14. An elevation of privilege vulnerability in Windows NT OS Kernel can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in Windows Client-Side Caching can be exploited remotely to gain privileges.
  16. An elevation of privilege vulnerability in Windows Hyper-V Shared Virtual Disk can be exploited remotely to gain privileges.
  17. A denial of service vulnerability in Windows SMB can be exploited remotely to cause denial of service.
  18. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  19. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
  20. An elevation of privilege vulnerability in Windows Telephony Service can be exploited remotely to gain privileges.
  21. A security feature bypass vulnerability in Windows Defender Application Control (WDAC) can be exploited remotely to bypass security restrictions.
  22. A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
  23. A remote code execution vulnerability in Windows SMBv3 Server can be exploited remotely to execute arbitrary code.
  24. An elevation of privilege vulnerability in Windows Task Scheduler can be exploited remotely to gain privileges.
  25. An elevation of privilege vulnerability in Active Directory Certificate Services can be exploited remotely to gain privileges.
  26. An information disclosure vulnerability in Windows Package Library Manager can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2024-43635
    critical
  • CVE-2024-43636
    critical
  • CVE-2024-43626
    critical
  • CVE-2024-49046
    critical
  • CVE-2024-43643
    high
  • CVE-2024-43449
    high
  • CVE-2024-43641
    critical
  • CVE-2024-43621
    critical
  • CVE-2024-43638
    high
  • CVE-2024-43451
    high
  • CVE-2024-43627
    critical
  • CVE-2024-43452
    critical
  • CVE-2024-43450
    critical
  • CVE-2024-43620
    critical
  • CVE-2024-43634
    high
  • CVE-2024-43639
    critical
  • CVE-2024-43637
    high
  • CVE-2024-43622
    critical
  • CVE-2024-49019
    critical
  • CVE-2024-43628
    critical
  • CVE-2024-38203
    high
  • CVE-2024-43623
    critical
  • CVE-2024-43644
    critical
  • CVE-2024-43530
    critical
  • CVE-2024-38264
    high
  • CVE-2024-43625
    critical
  • CVE-2024-43629
    critical
  • CVE-2024-43633
    high
  • CVE-2024-43646
    critical
  • CVE-2024-43640
    critical
  • CVE-2024-43624
    critical
  • CVE-2024-43642
    critical
  • CVE-2024-43630
    critical
  • CVE-2024-43645
    critical
  • CVE-2024-43447
    critical
  • CVE-2024-49039
    critical
  • CVE-2024-43631
    critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.