Msrc Windows Server 2008 vulnerabilities

CVE-2021-43207 [HIGH] Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.micr

CVE-2021-43217 [HIGH] Windows Encrypting File System (EFS) Remote Code Execution Vulnerability Windows Encrypting File System (EFS) Remote Code Execution Vulnerability FAQ: What is the attack vector for this vulnerability? An attacker could cause a buffer overflow write leading to unauthenticated non-sandboxed code execution. Does EFS need to be in use for this to be exploited? No. EFS interfaces trigger a start to the EFS service if it isn’t already running. How does Microsoft plan to address

CVE-2021-43229 [HIGH] Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://support.microsoft.com/help/5008218 Re

CVE-2021-43226 [HIGH] Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.micr

CVE-2021-41333 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218

CVE-2021-43230 [HIGH] Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://support.microsoft.com/help/5008218 Re

CVE-2021-43222 [HIGH] Microsoft Message Queuing Information Disclosure Vulnerability Microsoft Message Queuing Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. Windows Message Queuing: Windows Message Queuing Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Exploited:No;Latest

CVE-2021-43234 [HIGH] Windows Fax Service Remote Code Execution Vulnerability Windows Fax Service Remote Code Execution Vulnerability Role: Windows Fax Service: Role: Windows Fax Service Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://s

CVE-2021-43216 [MEDIUM] Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability Microsoft Local Security Authority (LSA) Server Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Kernel memory read - unintentional read access to memory contents in kernel space from a user mode process. Microsoft Local

CVE-2021-43224 [MEDIUM] Windows Common Log File System Driver Information Disclosure Vulnerability Windows Common Log File System Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Common Log File System Dri

CVE-2021-41370 [HIGH] NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5007206 Reference: https://support.microsoft.com/help/5007

CVE-2021-38666 [HIGH] Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacker's server with the vulnerable Remote Desktop Client. Windows RDP: Windows RDP Microsoft: Microsoft

CVE-2021-41367 [HIGH] NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5007206 Reference: https://support.microsoft.com/help/5007

CVE-2021-41377 [HIGH] Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Windows Fast FAT Driver: Windows Fast FAT Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com

CVE-2021-42275 [HIGH] Microsoft COM for Windows Remote Code Execution Vulnerability Microsoft COM for Windows Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authorized attacker could exploit this Windows COM vulnerability by sending from a user mode application specially crafted malicious COM traffic directed at the COM Server, which might lead to remote code execution. Windows COM: Windows COM Microsoft: Microsoft Customer Action Required: Yes

CVE-2021-42283 [HIGH] NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5007206 Reference: https://support.microsoft.com/help/5007

CVE-2021-41371 [MEDIUM] Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. Windows RDP: Windows RDP Microsoft: Microsoft Customer Action Requir

CVE-2021-41379 [MEDIUM] Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. Windows Installer: Windows Installer Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit St

CVE-2021-38631 [MEDIUM] Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. Windows RDP: Windows RDP Microsoft: Microsoft Customer Action Requir

CVE-2021-40449 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006672 Reference: https://support.microsoft.com/help/5006672 Reference: http