Msrc Windows Rt 8.1 vulnerabilities

CVE-2021-1708 [MEDIUM] Windows GDI+ Information Disclosure Vulnerability Windows GDI+ Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Microsoft Graphics Component: Microsoft Graphics Component Micro

CVE-2021-1699 [MEDIUM] Windows (modem.sys) Information Disclosure Vulnerability Windows (modem.sys) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Publicly Disclosed:N

CVE-2021-1696 [MEDIUM] Windows Graphics Component Information Disclosure Vulnerability Windows Graphics Component Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure

CVE-2021-1656 [MEDIUM] TPM Device Driver Information Disclosure Vulnerability TPM Device Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Windows TPM Device Driver: Windows TPM Device Driver M

CVE-2021-1679 [MEDIUM] Windows CryptoAPI Denial of Service Vulnerability Windows CryptoAPI Denial of Service Vulnerability Windows CryptoAPI: Windows CryptoAPI Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4598242 Reference: https://

CVE-2021-1683 [MEDIUM] Windows Bluetooth Security Feature Bypass Vulnerability Windows Bluetooth Security Feature Bypass Vulnerability Description: Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X c

CVE-2021-1684 [MEDIUM] Windows Bluetooth Security Feature Bypass Vulnerability Windows Bluetooth Security Feature Bypass Vulnerability Description: Microsoft is aware of the "Impersonation in the Passkey Entry Protocol" vulnerability. For more information regarding the vulnerability, please see this statement from the Bluetooth SIG. To address the vulnerability, Microsoft has released a software update that will fail attempts to pair if the remote device exchanges a public key with the same X c

CVE-2020-17140 [HIGH] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability FAQ: Does this security update target the Server or Client side? In this case the fix targets both sides. Specifically the smb2.srv binary is the primary fix target, which is housed on both sides of the connection. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this

CVE-2020-17092 [HIGH] Windows Network Connections Service Elevation of Privilege Vulnerability Windows Network Connections Service Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Sea

CVE-2020-17096 [HIGH] Windows NTFS Remote Code Execution Vulnerability Windows NTFS Remote Code Execution Vulnerability FAQ: How would an attacker exploit this vulnerability? A local attacker could run a specially crafted application that would elevate the attacker's privileges. A remote attacker with SMBv2 access to a vulnerable system could send specially crafted requests over a network to exploit this vulnerability and execute code on the target system. Windows SMB: Windows SMB Microsoft:

CVE-2020-17098 [MEDIUM] Windows GDI+ Information Disclosure Vulnerability Windows GDI+ Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Microsoft Graphics Component: Microsoft Graphics Component Micr

CVE-2020-17097 [LOW] Windows Digital Media Receiver Elevation of Privilege Vulnerability Windows Digital Media Receiver Elevation of Privilege Vulnerability Windows Media: Windows Media Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB459243

CVE-2020-17011 [HIGH] Windows Port Class Library Elevation of Privilege Vulnerability Windows Port Class Library Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q

CVE-2020-17031 [HIGH] Windows Remote Access Elevation of Privilege Vulnerability Windows Remote Access Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785

CVE-2020-17001 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586785

CVE-2020-17068 [HIGH] Windows GDI+ Remote Code Execution Vulnerability Windows GDI+ Remote Code Execution Vulnerability Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB458678

CVE-2020-17028 [HIGH] Windows Remote Access Elevation of Privilege Vulnerability Windows Remote Access Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586781

CVE-2020-17027 [HIGH] Windows Remote Access Elevation of Privilege Vulnerability Windows Remote Access Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586781

CVE-2020-17044 [HIGH] Windows Remote Access Elevation of Privilege Vulnerability Windows Remote Access Elevation of Privilege Vulnerability Microsoft Windows: Microsoft Windows Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB4586781

CVE-2020-17088 [HIGH] Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Referen