Msrc Windows 10 Version 1909 For X64-Based Systems vulnerabilities

CVE-2022-29113 [HIGH] Windows Digital Media Receiver Elevation of Privilege Vulnerability Windows Digital Media Receiver Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnera

CVE-2022-29142 [HIGH] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploite

CVE-2022-23279 [HIGH] Windows ALPC Elevation of Privilege Vulnerability Windows ALPC Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows ALPC: Windows ALPC Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Lat

CVE-2022-24466 [MEDIUM] Windows Hyper-V Security Feature Bypass Vulnerability Windows Hyper-V Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? This Hyper-V vulnerability relates to a Virtual Machine Switch with virtual networking in Hyper-V Network Virtualization (HNV). It might be possible to bypass extended ACLs and other Windows security feature checks. See Create Security Policies with Extended Port Acc

CVE-2022-24537 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the

CVE-2022-22008 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the score indicates tha

CVE-2022-26828 [HIGH] Windows Bluetooth Driver Elevation of Privilege Vulnerability Windows Bluetooth Driver Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Microsoft Bluetooth Driver: Microsoft Bluetooth Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Ex

CVE-2022-23288 [HIGH] Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows DWM Core Library: Windows DWM Core Library Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploi

CVE-2022-24525 [HIGH] Windows Update Stack Elevation of Privilege Vulnerability Windows Update Stack Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows Update Stack: Windows Update Stack Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Public

CVE-2022-21967 [HIGH] Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability Xbox Live Auth Manager for Windows Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. FAQ: The security updates for this vulnerability are all Windows

CVE-2022-21975 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Explo

CVE-2022-21984 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability Role: DNS Server: Role: DNS Server Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5010345 Reference

CVE-2022-21995 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege Hyper-V guest. The attacker could traverse the guest's security boundary to execute code on the Hyper-V host execution environment. FAQ: According to the CVS

CVE-2022-22712 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. FAQ: According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does thi

CVE-2022-21901 [CRITICAL] Windows Hyper-V Elevation of Privilege Vulnerability Windows Hyper-V Elevation of Privilege Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker could run a specially crafted application on a vulnerable Hyper-V guest to exploit this vulnerability which, if successful, could potentially interact with processes of another Hyper-V guest hosted on the same Hyper-V host. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Micr

CVE-2022-21869 [HIGH] Clipboard User Service Elevation of Privilege Vulnerability Clipboard User Service Elevation of Privilege Vulnerability Windows Clipboard User Service: Windows Clipboard User Service Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Sea

CVE-2022-21898 [HIGH] DirectX Graphics Kernel Remote Code Execution Vulnerability DirectX Graphics Kernel Remote Code Execution Vulnerability Windows DirectX: Windows DirectX Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 Reference

CVE-2022-21912 [HIGH] DirectX Graphics Kernel Remote Code Execution Vulnerability DirectX Graphics Kernel Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker could take advantage of a vulnerability in dxgkrnl.sys to execute an arbitrary pointer dereference in kernel mode. FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated user could trigger this vuln

CVE-2022-21865 [HIGH] Connected Devices Platform Service Elevation of Privilege Vulnerability Connected Devices Platform Service Elevation of Privilege Vulnerability Windows Connected Devices Platform Service: Windows Connected Devices Platform Service Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference:

CVE-2022-21847 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 Reference: https://supp