Msrc Windows 11 Version 21H2 vulnerabilities

CVE-2021-38624 [MEDIUM] Windows Key Storage Provider Security Feature Bypass Vulnerability Windows Key Storage Provider Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the Windows Key Storage Provider which issues key certificates for trust in attestation scenarios. Windows Key Storage Provider: Windows Key Storage Provider Microsoft: Microsoft Impact: Security Feature

CVE-2021-34527 [HIGH] Windows Print Spooler Remote Code Execution Vulnerability Windows Print Spooler Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user

CVE-2021-33781 [HIGH] Azure AD Security Feature Bypass Vulnerability Azure AD Security Feature Bypass Vulnerability Windows Active Directory: Windows Active Directory Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.

CVE-2021-26414 [MEDIUM] Windows DCOM Server Security Feature Bypass Windows DCOM Server Security Feature Bypass FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? This vulnerability requires that a user with an affected version of Windows access a malicious server. An attacker would have to host a specially crafted server share or website. An attacker would have no way to force users to visit this specially crafted server share or