Msrc Windows 7 vulnerabilities

CVE-2022-23296 [HIGH] Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Windows Installer: Windows Installer Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011503 Refere

CVE-2022-23290 [HIGH] Windows Inking COM Elevation of Privilege Vulnerability Windows Inking COM Elevation of Privilege Vulnerability Windows COM: Windows COM Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5011503 Reference: https

CVE-2022-23299 [HIGH] Windows PDEV Elevation of Privilege Vulnerability Windows PDEV Elevation of Privilege Vulnerability FAQ: What is a Windows PDEV? A Windows PDEV is a logical representation of the physical device. It is characterized by the type of hardware, logical address, and surfaces that can be supported. As an example of a driver supporting a PDEV characterized by the type of hardware, one driver could support the LaserWhiz, LaserWhiz II, and LaserWhiz Super printers. For more informa

CVE-2022-24454 [HIGH] Windows Security Support Provider Interface Elevation of Privilege Vulnerability Windows Security Support Provider Interface Elevation of Privilege Vulnerability Windows Security Support Provider Interface: Windows Security Support Provider Interface Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less

CVE-2022-23293 [HIGH] Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Windows Fast FAT Driver: Windows Fast FAT Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.micro

CVE-2022-24503 [MEDIUM] Remote Desktop Protocol Client Information Disclosure Vulnerability Remote Desktop Protocol Client Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Windows Remote Desktop: Windows Remote Desktop Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Publi

CVE-2022-24502 [MEDIUM] Windows HTML Platforms Security Feature Bypass Vulnerability Windows HTML Platforms Security Feature Bypass Vulnerability FAQ: The Security Updates table indicates that this vulnerability affects all supported versions of Microsoft Windows. Why are IE Cumulative updates listed for Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2? While Microsoft has announced retirement of the Internet Explorer 11 applic

CVE-2022-23297 [MEDIUM] Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Kernel

CVE-2022-23253 [MEDIUM] Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability Windows Point-to-Point Tunneling Protocol: Windows Point-to-Point Tunneling Protocol Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Refe

CVE-2022-23281 [MEDIUM] Windows Common Log File System Driver Information Disclosure Vulnerability Windows Common Log File System Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Common Log File System Dri

CVE-2022-22718 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v

CVE-2022-21981 [HIGH] Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Referen

CVE-2022-21997 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact

CVE-2022-22000 [HIGH] Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Referen

CVE-2022-21989 [HIGH] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability? In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer executi

CVE-2022-21999 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v

CVE-2022-22717 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privile

CVE-2022-22710 [MEDIUM] Windows Common Log File System Driver Denial of Service Vulnerability Windows Common Log File System Driver Denial of Service Vulnerability Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://c

CVE-2022-21985 [MEDIUM] Windows Remote Access Connection Manager Information Disclosure Vulnerability Windows Remote Access Connection Manager Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory. Windows Remote Access Connection Manager: Windows Remote Access Connection Manager Microsoft: Microsoft Customer Action Required: Ye

CVE-2022-21998 [MEDIUM] Windows Common Log File System Driver Information Disclosure Vulnerability Windows Common Log File System Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Common Log File System Dri