CVE-2021-34449
published 2021-07-16CVE-2021-34449: Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability
high7
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.2061 | 10.0.17763.2061 |
| microsoft | windows_10_version_1909 | >= 10.0.0 < 10.0.18363.1679 | 10.0.18363.1679 |
| microsoft | windows_10_version_2004 | >= 10.0.0 < 10.0.19041.1110 | 10.0.19041.1110 |
| microsoft | windows_10_version_20h2 | >= 10.0.0 < 10.0.19042.1110 | 10.0.19042.1110 |
| microsoft | windows_10_version_21h1 | >= 10.0.0 < 10.0.19043.1110 | 10.0.19043.1110 |
| microsoft | windows_server_2019 | >= 10.0.0 < 10.0.17763.2061 | 10.0.17763.2061 |
| microsoft | windows_server_version_2004 | >= 10.0.0 < 10.0.19041.1110 | 10.0.19041.1110 |
| microsoft | windows_server_version_20h2 | >= 10.0.0 < 10.0.19042.1110 | 10.0.19042.1110 |
| msrc | windows_10_version_1809_for_32-bit_systems | — | — |
| msrc | windows_10_version_1809_for_arm64-based_systems | — | — |
| msrc | windows_10_version_1809_for_x64-based_systems | — | — |
| msrc | windows_10_version_1909_for_32-bit_systems | — | — |
| msrc | windows_10_version_1909_for_arm64-based_systems | — | — |
| msrc | windows_10_version_1909_for_x64-based_systems | — | — |
| msrc | windows_10_version_2004_for_32-bit_systems | — | — |
| msrc | windows_10_version_2004_for_arm64-based_systems | — | — |
| msrc | windows_10_version_2004_for_x64-based_systems | — | — |
| msrc | windows_10_version_20h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_20h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_20h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_21h1_for_32-bit_systems | — | — |
| msrc | windows_10_version_21h1_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h1_for_x64-based_systems | — | — |
| msrc | windows_server_2019 | — | — |
| msrc | windows_server_version_2004 | — | — |
GHSA
GHSA-r4gv-qfm6-c65r: Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34516
ghsa_unreviewed·2022-05-24·CVSS 7.8
CVE-2021-34449 [HIGH] CWE-269 GHSA-r4gv-qfm6-c65r: Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34516
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34516.
GHSA
GHSA-f679-g5v6-6qqr: Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34449
ghsa_unreviewed·2022-05-24·CVSS 7.0
CVE-2021-34516 [HIGH] CWE-20 GHSA-f679-g5v6-6qqr: Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34449
Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34449.
CVEList
Win32k Elevation of Privilege Vulnerability
cvelistv5·2021-07-16·CVSS 7.0
CVE-2021-34449 [HIGH] Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Microsoft
Win32k Elevation of Privilege Vulnerability
vendor_msrc·2021-07-13·CVSS 7.0
CVE-2021-34449 [HIGH] Win32k Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability
Windows Win32K: Windows Win32K
Microsoft: Microsoft
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244
Reference: https://support.microsoft.com/help/5004244
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004245
Reference: https://support.microsoft.com/help/5004245
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004237
Reference: https://support.microsoft.com/help/5004237
No detection rules found.
No public exploits indexed.
Talos
Microsoft Patch Tuesday for July 2021 — Snort rules and prominent vulnerabilities
blogs_talos·2021-07-13·CVSS 6.8
[MEDIUM] Microsoft Patch Tuesday for July 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Jaeson Schultz.
Microsoft released its monthly security update Tuesday, disclosing 117 vulnerabilities across its suite of products, by far the most in a month this year. Today’s Patch Tuesday includes three vulnerabilities that Microsoft states are being exploited in the wild, which we will cover in more detail.
There are 13 critical vulnerabilities patched in this month, and there is one low- and moderate-severity vulnerability each. The remainder are considered “important.”
Most notably, Microsoft has released an update to patch the “PrintNightmare” vulnerability in its print spooler function that could allow an attacker to execute remote code. This vulnerability was first disclosed in April, though security researchers later discovered it coul
Talos
Microsoft Patch Tuesday for July 2021 — Snort rules and prominent vulnerabilities
blogs_talos·2021-07-13·CVSS 6.8
[MEDIUM] Microsoft Patch Tuesday for July 2021 — Snort rules and prominent vulnerabilities
## Microsoft Patch Tuesday for July 2021 — Snort rules and prominent vulnerabilities
By Jon Munshaw, with contributions from Jaeson Schultz.
Microsoft released its monthly security update Tuesday, disclosing 117 vulnerabilities across its suite of products, by far the most in a month this year. Today’s Patch Tuesday includes three vulnerabilities that Microsoft states are being exploited in the wild, which we will cover in more detail.
There are 13 critical vulnerabilities patched in this month, and there is one low- and moderate-severity vulnerability each. The remainder are considered “important.”
Most notably, Microsoft has released an update to patch the “PrintNightmare” vulnerability in its print spooler function that could allow an attacker to execute remote code. This vulnerabil
Zscaler
Zscaler found Windows vulnerabilities | 07-13-2021
blogs_zscaler·CVSS 7.8
[HIGH] Zscaler found Windows vulnerabilities | 07-13-2021
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
2021-07-16
Published