Msrc Windows Server 2008 vulnerabilities

CVE-2023-35641 [HIGH] CWE-682 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an attacker would need to send a maliciously crafted DHCP message to a server that runs the Internet Connection Sharing service. FAQ: According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerabilit

CVE-2023-35630 [HIGH] CWE-122 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability Internet Connection Sharing (ICS) Remote Code Execution Vulnerability FAQ: According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability? This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same net

CVE-2023-35642 [MEDIUM] CWE-682 Internet Connection Sharing (ICS) Denial of Service Vulnerability Internet Connection Sharing (ICS) Denial of Service Vulnerability FAQ: According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability? This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network s

CVE-2023-36397 [CRITICAL] CWE-126 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? When Windows message queuing service is running in a PGM Server environment, an attacker could send a specially crafted file over the network to achieve remote code execution and attempt to trigger malicious code. Windows Internet Connection Sharing (IC

CVE-2023-36401 [HIGH] CWE-190 Microsoft Remote Registry Service Remote Code Execution Vulnerability Microsoft Remote Registry Service Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker must be an authenticated user on the network who is a member of the performance log users group. Although this group defaults to only Administrato

CVE-2023-36402 [HIGH] CWE-122 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An attacker could exploit the vulnerability by tricking an authenticated user into attempting to connect to a malicious SQL server via OLEDB, which could result in the server receiving a malicious networking packet. This could allow the attacker to e

CVE-2023-36025 [HIGH] Windows SmartScreen Security Feature Bypass Vulnerability Windows SmartScreen Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? The attacker would be able to bypass Windows Defender SmartScreen checks and their associated prompts. FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? The user would have to click on a special

CVE-2023-36719 [HIGH] CWE-20 Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: How could an attacker exploit this vulnerability? To exploit this vulnerability, an att

CVE-2023-36393 [HIGH] CWE-426 Windows User Interface Application Core Remote Code Execution Vulnerability Windows User Interface Application Core Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carrie

CVE-2023-36423 [HIGH] CWE-122 Microsoft Remote Registry Service Remote Code Execution Vulnerability Microsoft Remote Registry Service Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability? Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. FAQ: How could an attacker exploit this vulnerability? A remote, authenticated attacker who is on

CVE-2023-36425 [HIGH] CWE-122 Windows Distributed File System (DFS) Remote Code Execution Vulnerability Windows Distributed File System (DFS) Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker or targeted user to have both domain user and delegate management permissions on a non-default DFS namespace. FAQ: How could an attacker

CVE-2023-36424 [HIGH] CWE-125 Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker could use this vulnerability to elevate privileges from Medium Integrity Level to a High Integrity Level. Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Cu

CVE-2023-36036 [HIGH] CWE-122 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Cloud Files Mini Filter Driver: Windows Cloud Files Mini Filter Driver Microsoft: Microsoft Customer Action Required: Y

CVE-2023-36705 [HIGH] CWE-59 Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. Windows Installer: Windows Installer Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:N

CVE-2023-36403 [HIGH] CWE-591 Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an at

CVE-2023-36428 [MEDIUM] CWE-125 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. Windows Authentication Methods: Windows Authentication Methods Microsoft: Microsoft Customer Ac

CVE-2023-35349 [CRITICAL] CWE-20 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server. Windows Message Queuing: Windows Message Queuing Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Explo

CVE-2023-36434 [CRITICAL] CWE-307 Windows IIS Server Elevation of Privilege Vulnerability Windows IIS Server Elevation of Privilege Vulnerability FAQ: How could an attacker exploit this vulnerability? In a network-based attack, an attacker could brute force user account passwords to log in as that user. Microsoft encourages the use of strong passwords that are more difficult for an attacker to brute force. FAQ: Why is the severity for this CVE rated as Important, but the CVSS score is 9.8? The

CVE-2023-41774 [HIGH] CWE-416 Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Layer 2 Tunneling Protocol Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. FAQ: How could an attacker exploit this vulnerability? An unauthenticated attacker could send a specially crafted protocol message to

CVE-2023-36581 [HIGH] CWE-126 Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability Windows Message Queuing: Windows Message Queuing Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5031361 Reference: https://