Kaspersky Threats

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

A remote code execution vulnerability in Windows Remote Desktop Services can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Windows File Explorer can be exploited remotely to obtain sensitive information.
A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Input Method Editor (IME) can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Task Scheduler can be exploited remotely to gain privileges.
A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Remote Desktop Client can be exploited remotely to execute arbitrary code.
A denial of service vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to cause denial of service.
A remote code execution vulnerability in Windows IP Routing Management Snapin can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Windows Domain Name Service can be exploited remotely to execute arbitrary code.
A denial of service vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely to cause denial of service.
A remote code execution vulnerability in Lightweight Directory Access Protocol (LDAP) Client can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Windows Local Security Authority Subsystem Service (LSASS) can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

CVE-2024-49104
critical
CVE-2024-49090
critical
CVE-2024-49113
critical
CVE-2024-49112
critical
CVE-2024-49127
critical
CVE-2024-49089
high
CVE-2024-49079
critical
CVE-2024-49122
critical
CVE-2024-49121
critical
CVE-2024-49129
critical
CVE-2024-49124
critical
CVE-2024-49120
critical
CVE-2024-49126
critical
CVE-2024-49125
critical
CVE-2024-49118
critical
CVE-2024-49102
critical
CVE-2024-49084
high
CVE-2024-49128
critical
CVE-2024-49082
high
CVE-2024-49072
critical
CVE-2024-49105
critical
CVE-2024-49080
critical
CVE-2024-49088
critical
CVE-2024-49096
critical
CVE-2024-49091
high
CVE-2024-49086
critical
CVE-2024-49138
critical
CVE-2024-49085
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!