CVE-2024-26182
published 2024-03-12CVE-2024-26182: Windows Kernel Elevation of Privilege Vulnerability
PriorityP347high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
5.62%
91.9th percentile
Windows Kernel Elevation of Privilege Vulnerability
Affected
26 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_10_1607 | < 10.0.14393.6796 | 10.0.14393.6796 |
| microsoft | windows_10_1809 | < 10.0.17763.5576 | 10.0.17763.5576 |
| microsoft | windows_10_21h2 | < 10.0.19044.4170 | 10.0.19044.4170 |
| microsoft | windows_10_22h2 | < 10.0.19045.4170 | 10.0.19045.4170 |
| microsoft | windows_10_version_1607 | >= 10.0.14393.0 < 10.0.14393.6796 | 10.0.14393.6796 |
| microsoft | windows_10_version_1809 | >= 10.0.0 < 10.0.17763.5576 | 10.0.17763.5576 |
| microsoft | windows_10_version_1809 | >= 10.0.17763.0 < 10.0.17763.5576 | 10.0.17763.5576 |
| microsoft | windows_10_version_21h2 | >= 10.0.19043.0 < 10.0.19044.4170 | 10.0.19044.4170 |
| microsoft | windows_10_version_22h2 | >= 10.0.19045.0 < 10.0.19045.4170 | 10.0.19045.4170 |
| microsoft | windows_server_2016 | < 10.0.14393.6796 | 10.0.14393.6796 |
| microsoft | windows_server_2016 | >= 10.0.14393.0 < 10.0.14393.6796 | 10.0.14393.6796 |
| microsoft | windows_server_2019 | < 10.0.17763.5576 | 10.0.17763.5576 |
| microsoft | windows_server_2019 | >= 10.0.17763.0 < 10.0.17763.5576 | 10.0.17763.5576 |
| msrc | windows_10_version_1607_for_32-bit_systems | — | — |
| msrc | windows_10_version_1607_for_x64-based_systems | — | — |
| msrc | windows_10_version_1809_for_32-bit_systems | — | — |
| msrc | windows_10_version_1809_for_arm64-based_systems | — | — |
| msrc | windows_10_version_1809_for_x64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_21h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_21h2_for_x64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_32-bit_systems | — | — |
| msrc | windows_10_version_22h2_for_arm64-based_systems | — | — |
| msrc | windows_10_version_22h2_for_x64-based_systems | — | — |
| msrc | windows_server_2016 | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Windows Kernel Elevation of Privilege Vulnerability
vendor_msrc·2024-03-12·CVSS 7.8
CVE-2024-26182 [HIGH] CWE-416 Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability?
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.
Windows Kernel: Windows Kernel
Microsoft: Microsoft
Customer Action Required: Yes
Impact: Elevation of Privilege
Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;DOS:N/A
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5035849
Reference: https://support.microsoft.com/help/5035849
Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5035845
Reference: https://support.microsoft.com/help/5035845
Reference: https://catalog.update.microsoft.com/v7/site/Searc
Project0
The Windows Registry Adventure #7: Attack surface analysis - Project Zero
project_zero·2025-05-01
CVE-2010-0237 The Windows Registry Adventure #7: Attack surface analysis - Project Zero
Posted by Mateusz Jurczyk, Google Project Zero
In the first three blog posts of this series, I sought to outline what the Windows Registry actually is, its role, history, and where to find further information about it. In the subsequent three posts, my goal was to describe in detail how this mechanism works internally – from the perspective of its clients (e.g., user-mode applications running on Windows), the regf format used to encode hives, and finally the kernel itself, which contains its canonical implementation. I believe all these elements are essential for painting a complete picture of this subsystem, and in a way, it shows my own approach to security research. One could say that going through this tedious process of getting to know the target unnecessarily lengthens the total
Project0
The Windows Registry Adventure #5: The regf file format - Project Zero
project_zero·2024-12-01
CVE-2015-0073 The Windows Registry Adventure #5: The regf file format - Project Zero
Posted by Mateusz Jurczyk, Google Project Zero
As previously mentioned in the second installment of the blog post series ("A brief history of the feature"), the binary format used to encode registry hives from Windows NT 3.1 up to the modern Windows 11 is called regf. In a way, it is quite special, because it represents a registry subtree simultaneously on disk and in memory, as opposed to most other common file formats. Documents, images, videos, etc. are generally designed to store data efficiently on disk, and they are subsequently parsed to and from different in-memory representations whenever they are read or written. This seems only natural, as offline storage and RAM come with different constraints and requirements. On disk, it is important that the data is packed as tightly as
Project0
The Windows Registry Adventure #1: Introduction and research results - Project Zero
project_zero·2024-04-01
CVE-2022-34707 The Windows Registry Adventure #1: Introduction and research results - Project Zero
Posted by Mateusz Jurczyk, Google Project Zero
In the 20-month period between May 2022 and December 2023, I thoroughly audited the Windows Registry in search of local privilege escalation bugs. It all started unexpectedly: I was in the process of developing a coverage-based Windows kernel fuzzer based on the Bochs x86 emulator (one of my favorite tools for security research: see Bochspwn, Bochspwn Reloaded, and my earlier font fuzzing infrastructure), and needed some binary formats to test it on. My first pick were PE files: they are very popular in the Windows environment, which makes it easy to create an initial corpus of input samples, and a basic fuzzing harness is equally easy to develop with just a single GetFileVersionInfoSizeW API call. The test was successful: even though I h
GHSA
GHSA-75q6-q84v-3c56: Windows Kernel Elevation of Privilege Vulnerability
ghsa_unreviewed·2024-03-12
CVE-2024-26182 [HIGH] CWE-416 GHSA-75q6-q84v-3c56: Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
No detection rules found.
No public exploits indexed.
Krebs
Patch Tuesday, March 2024 Edition
blogs_krebs·2024-03-12·CVSS 7.1
[HIGH] Patch Tuesday, March 2024 Edition
Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple’s new macOS Sonoma addresses at least 68 security weaknesses, and its latest update for iOS fixes two zero-day flaws.
Last week, Apple pushed out an urgent software update to its flagship iOS platform, warning that there were at least two zero-day exploits for vulnerabilities being used in the wild (CVE-2024-23225 and CVE-2024-23296). The security updates are available in iOS 17.4, iPadOS 17.4, and iOS 16.7.6.
Apple’s macOS Sonoma 14.4 Security Update addresses dozens of security issues. Jason Kitka, chief information security officer at Automox, said the vulnerabilities patched in this u
Bleepingcomputer
Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs
blogs_bleepingcomputer·2024-03-12·CVSS 5.5
[MEDIUM] Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs
## Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs
## Lawrence Abrams
24 Elevation of Privilege Vulnerabilities
3 Security Feature Bypass Vulnerabilities
18 Remote Code Execution Vulnerabilities
6 Information Disclosure Vulnerabilities
6 Denial of Service Vulnerabilities
2 Spoofing Vulnerabilities
The total count of 60 flaws does not include 4 Microsoft Edge flaws fixed on March 7th.
Furthermore, Microsoft did not disclose any zero-days as part of today's Patch Tuesday updates.
To learn more about the non-security updates released today, you can review our dedicated articles on the new Windows 11 KB5035853 update and the Windows 10 KB5035845 update .
## Flaws of interest
This month's Patch Tuesday does not fix any zero-day vulnerabilities but does include some in
Qualys
Microsoft and Adobe Patch Tuesday, March 2024 Security Update Review
blogs_qualys·2024-03-12
Microsoft and Adobe Patch Tuesday, March 2024 Security Update Review
## Table of Contents
Microsoft Patch Tuesday for March 2024
Adobe Patches for March 2024
Other Critical Severity Vulnerabilities Patched in March Patch Tuesday Edition
Other Microsoft Vulnerability Highlights
Microsoft Release Summary
Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
Rapid Response with Patch Management (PM)
Qualys Monthly Webinar Series
Welcome to another insightful dive into Microsoft’s Patch Tuesday! This month’s security updates address a significant number of CVEs, underscoring the ongoing battle against digital vulnerabilities. We invite you to join us to review and discuss the details of these security updates and patches.
## Microsoft Patch Tuesday for March 2024
Microsoft Patch Tuesday’s March 2024 edition
Tenable
Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407)
blogs_tenable·2024-03-12·CVSS 8.1
[HIGH] Microsoft’s March 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-21407)
## Cloud Exposure
Tenable Cloud Security (CNAPP) Request a demo
Tenable Cloud Vulnerability Management Request a demo
Tenable CIEM Request a demo
Secure your cloud
## Vulnerability Exposure
Tenable Vulnerability Management Try for free
Tenable Security Center Request a demo
Tenable Web App Scanning Try for free
Tenable Patch Management Request a demo
Tenable Enclave Security Request a demo
Tenable Attack Surface Management Request a demo
Tenable Nessus Try for free
## AI Exposure
Tenable AI Exposure Request a demo
## OT/IoT Exposure
Tenable OT Security Request a demo
## Identity Exposure
Tenable Identity Exposure Request a demo
## Business needs
Active Directory
AI Security Posture Management (AI-SPM)
AWS security
Azure security
Cloud Security Posture Man
Trendmicro
The March 2024 Security Update Review
blogs_trendmicro·2024-03-12
The March 2024 Security Update Review
# The March 2024 Security Update Review
Get the March 2024 security update and review.
By: Dustin Childs
2024/03/12
Read time: ( words)
Save to Folio
It’s the second Tuesday of the month, and Adobe and Microsoft have released a fresh crop of security updates. Take a break from your other activities and join us as we review the details of their latest advisories. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for March 2024
For March, Adobe released six patches addressing 56 vulnerabilities in Adobe Experience Manager, Premiere Pro, ColdFusion, Adobe Bridge, Lightroom, and Adobe Animate. Two of these bugs were submitted through the ZDI Program. The largest is the update for Experience Manager, which addresses 44 CVEs.
Trendmicro
The March 2024 Security Update Review
blogs_trendmicro·2024-03-12
The March 2024 Security Update Review
## The March 2024 Security Update Review
Get the March 2024 security update and review.
By: Dustin Childs 2024/03/12 Read time: ( words)
Save to Folio
It’s the second Tuesday of the month, and Adobe and Microsoft have released a fresh crop of security updates. Take a break from your other activities and join us as we review the details of their latest advisories. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for March 2024
For March, Adobe released six patches addressing 56 vulnerabilities in Adobe Experience Manager, Premiere Pro, ColdFusion, Adobe Bridge, Lightroom, and Adobe Animate. Two of these bugs were submitted through the ZDI Program. The largest is the update for Experience Manager , which addresses 44 CVEs.
Qualys
Microsoft and Adobe March 2024 Patch Tuesday Security Fixes | Qualys
blogs_qualys·2024-03-12
Microsoft and Adobe March 2024 Patch Tuesday Security Fixes | Qualys
#### Table of Contents
- Microsoft Patch Tuesday for March 2024
- Adobe Patches for March 2024
- Other Critical Severity Vulnerabilities Patched in March Patch Tuesday Edition
- Other Microsoft Vulnerability Highlights
- Microsoft Release Summary
- Discover and Prioritize Vulnerabilities in Vulnerability Management, Detection & Response (VMDR)
- Rapid Response with Patch Management (PM)
- Qualys Monthly Webinar Series
Welcome to another insightful dive into Microsoft’s Patch Tuesday! This month’s security updates address a significant number of CVEs, underscoring the ongoing battle against digital vulnerabilities. We invite you to join us to review and discuss the details of these security updates and patches.
## Microsoft Patch Tuesday for March 2024
Microsoft Patch Tuesday’s March 20
Krebs
Patch Tuesday, March 2024 Edition
blogs_krebs·2024-03-12·CVSS 7.1
[HIGH] Patch Tuesday, March 2024 Edition
Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS . Meanwhile, Apple’s new macOS Sonoma addresses at least 68 security weaknesses, and its latest update for iOS fixes two zero-day flaws.
Last week, Apple pushed out an urgent software update to its flagship iOS platform, warning that there were at least two zero-day exploits for vulnerabilities being used in the wild (CVE-2024-23225 and CVE-2024-23296). The security updates are available in iOS 17.4 , iPadOS 17.4 , and iOS 16.7.6 .
Apple’s macOS Sonoma 14.4 Security Update addresses dozens of security issues. Jason Kitka , chief information security officer at Automox , said the vulnerabilities patched in
Trendmicro
The March 2024 Security Update Review
blogs_trendmicro·2024-03-12
The March 2024 Security Update Review
## The March 2024 Security Update Review
Get the March 2024 security update and review.
By: Dustin Childs Mar 12, 2024 Read time: ( words)
Save to Folio
It’s the second Tuesday of the month, and Adobe and Microsoft have released a fresh crop of security updates. Take a break from your other activities and join us as we review the details of their latest advisories. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for March 2024
For March, Adobe released six patches addressing 56 vulnerabilities in Adobe Experience Manager, Premiere Pro, ColdFusion, Adobe Bridge, Lightroom, and Adobe Animate. Two of these bugs were submitted through the ZDI Program. The largest is the update for Experience Manager , which addresses 44 CVE
Trendmicro
The March 2024 Security Update Review
blogs_trendmicro·2024-03-12
The March 2024 Security Update Review
## The March 2024 Security Update Review
Get the March 2024 security update and review.
By: Dustin Childs Mar 12, 2024 Read time: ( words)
Save to Folio
It’s the second Tuesday of the month, and Adobe and Microsoft have released a fresh crop of security updates. Take a break from your other activities and join us as we review the details of their latest advisories. If you’d rather watch the full video recap covering the entire release, you can check it out here:
Adobe Patches for March 2024
For March, Adobe released six patches addressing 56 vulnerabilities in Adobe Experience Manager, Premiere Pro, ColdFusion, Adobe Bridge, Lightroom, and Adobe Animate. Two of these bugs were submitted through the ZDI Programme. The largest is the update for Experience Manager , which addresses 44 C
Zscaler
Zscaler found Windows Security Vulnerabilities | 03-12-2024
blogs_zscaler·CVSS 7.0
[HIGH] Zscaler found Windows Security Vulnerabilities | 03-12-2024
Provide users with seamless, secure, reliable access to applications and data.
Build and run secure cloud apps, enable zero trust cloud connectivity, and protect workloads from data center to cloud.
Provide zero trust connectivity for IoT and OT devices and secure remote access to OT systems.
Provide zero trust site-to-site connectivity and reliable access to B2B apps for partners.
Industry Report
Zscaler: A Leader in the 2025 Gartner® Magic Quadrant™ for Security Service Edge (SSE)
USE CASES
INDUSTRY & MARKET SOLUTIONS
PARTNERS
TECHNOLOGY PARTNERS
Resource Center
Events & Trainings
Security Research & Services
Tools
Community & Support
CXO REVOLUTIONARIES
Amplifying the voices of real-world digital and zero trust pioneers
Discover how it began and where it’s going
Meet o
2024-03-12
Published