Msrc Windows 11 Version 21H2 vulnerabilities

CVE-2024-38070 [HIGH] CWE-693 Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass the execution policy for the Windows LockDown Policy (WLDP) for the WDAC API. Windows LockDown Policy (WLDP): Windows LockDown Policy (WLDP) Microsoft: Micros

CVE-2024-37986 [HIGH] CWE-191 Secure Boot Security Feature Bypass Vulnerability Secure Boot Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass Secure Boot. FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability? An unauthorized attacker mus

CVE-2024-38091 [HIGH] CWE-166 Microsoft WS-Discovery Denial of Service Vulnerability Microsoft WS-Discovery Denial of Service Vulnerability Microsoft WS-Discovery: Microsoft WS-Discovery Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5040430 Reference: https://support.microsoft.com/help/504

CVE-2024-38061 [HIGH] CWE-284 DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability DCOM Remote Cross-Session Activation Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to take additional actions prior to exploitation to prepare the target environment. FAQ: What privileges could be gained by an attacker

CVE-2024-28899 [HIGH] CWE-121 Secure Boot Security Feature Bypass Vulnerability Secure Boot Security Feature Bypass Vulnerability FAQ: According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? An authenticated attacker could exploit this vulnerability with LAN access. FAQ: How could an attacker successfully exploit this vulnerability? To exploit the vulnerability, an attacker who has physical access or Administrative rights to a target devi

CVE-2024-30098 [HIGH] CWE-327 Windows Cryptographic Services Security Feature Bypass Vulnerability Windows Cryptographic Services Security Feature Bypass Vulnerability FAQ: Are there any further actions I need to take to be protected from this vulnerability? Yes. The Windows Smart Card infrastructure relies on the Cryptographic Service Provider (CSP) and Key Storage Provider (KSP) to isolate cryptographic operations from the Smart Card implementation. The KSP is part of the Crypto Next Generati

CVE-2024-38011 [HIGH] CWE-130 Secure Boot Security Feature Bypass Vulnerability Secure Boot Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass Secure Boot. FAQ: According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? An unauthenticated attacker with LAN access could exploit this vuln

CVE-2024-38079 [HIGH] CWE-122 Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would first have to log on to the system. An attacker c

CVE-2024-3596 [CRITICAL] CWE-327 CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability CERT/CC: CVE-2024-3596 RADIUS Protocol Spoofing Vulnerability FAQ: Why is this CERT/CC CVE included in the Security Update Guide? A vulnerability exists in the RADIUS protocol that potentially affects many products and implementations of the RFC 2865 in the UDP version of the RADIUS protocol. In brief, RADIUS protocol (RFC 2865) is susceptible to forgery attacks that can modify Access-Accept or Access

CVE-2024-38068 [HIGH] CWE-400 Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Windows Online Certificate Status Protocol (OCSP) Server Denial of Service Vulnerability Windows Online Certificate Status Protocol (OCSP): Windows Online Certificate Status Protocol (OCSP) Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely Referenc

CVE-2024-38062 [HIGH] CWE-125 Windows Kernel-Mode Driver Elevation of Privilege Vulnerability Windows Kernel-Mode Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Kernel-Mode Drivers: Windows Kernel-Mode Drivers Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit St

CVE-2024-37972 [HIGH] CWE-121 Secure Boot Security Feature Bypass Vulnerability Secure Boot Security Feature Bypass Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R) and privileges required are none (PR:N). What does that mean for this vulnerability? An unauthorized attacker must wait for a user to initiate a connection. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited t

CVE-2024-38052 [HIGH] CWE-20 Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Microsoft Streaming Service: Microsoft Streaming Service Microsoft: Microsoft Customer Action Required: Yes Impact: Eleva

CVE-2024-38043 [HIGH] CWE-20 PowerShell Elevation of Privilege Vulnerability PowerShell Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could elevate their user privileges from those of a restrained user to an unrestrained WDAC user. Windows PowerShell: Windows PowerShell Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Priv

CVE-2024-38025 [HIGH] CWE-122 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, a victim machine must be running a performance counter collection tool such as Performance Monitor to collect performance counter data from an attacker machine. An attacker with local admin authority on the atta

CVE-2024-30013 [HIGH] CWE-415 Windows MultiPoint Services Remote Code Execution Vulnerability Windows MultiPoint Services Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker can exploit this vulnerability by sending a malicious request packet via a client machine to a Windows Server configured to be a Multipoint Service over a network, and then waiting for the server to stop or restart. FAQ: According to the CVSS metric, user i

CVE-2024-37973 [HIGH] CWE-674 Secure Boot Security Feature Bypass Vulnerability Secure Boot Security Feature Bypass Vulnerability FAQ: According to the CVSS metric, the attack vector is adjacent (AV:A). What does that mean for this vulnerability? An unauthenticated attacker with LAN access could exploit this vulnerability. FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? An attacker who successfully exploited this vulnerability could bypass Se

CVE-2024-38028 [HIGH] CWE-125 Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, a victim machine must be running a performance counter collection tool such as Performance Monitor to collect performance counter data from an attacker machine. An attacker with local admin authority on the atta

CVE-2024-30081 [HIGH] CWE-200 Windows NTLM Spoofing Vulnerability Windows NTLM Spoofing Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a specially crafted URL to be compromised by the attacker. Windows NTLM: Windows NTLM Microsoft: Microsoft Customer Action Required: Yes Impact: Spoofing Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Le

CVE-2024-38104 [HIGH] CWE-822 Windows Fax Service Remote Code Execution Vulnerability Windows Fax Service Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authenticated attacker with normal user privileges that has already compromised a fax server, to which the victim is connected, can exploit this vulnerability to execute arbitrary code on the victim machine. Windows Fax and Scan Service: Windows Fax and Scan Service Microsoft: Microsoft Customer