Msrc Windows Server 2012 vulnerabilities

CVE-2021-28325 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. Windows SMB Server: Windows SMB Server Microsoft: Microsoft Impact

CVE-2021-28328 [MEDIUM] Windows DNS Information Disclosure Vulnerability Windows DNS Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Microsoft Windows DNS: Microsoft Windows DNS Microsoft: Microsoft

CVE-2021-28323 [MEDIUM] Windows DNS Information Disclosure Vulnerability Windows DNS Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. FAQ: Does this vulnerability affect both DNS Servers and DNS Clien

CVE-2021-28447 [MEDIUM] Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Windows Early Launch Antimalware Driver: Windows Early Launch Antimalware Driver Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalo

CVE-2021-26897 [CRITICAL] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: Can this vulnerability by mitigated by enabling Secure Zone Updates? Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation. Does this vulnerability impact

CVE-2021-26894 [CRITICAL] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: Can this vulnerability by mitigated by enabling Secure Zone Updates? Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation. Does this vulnerability impact

CVE-2021-26895 [CRITICAL] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: Can this vulnerability by mitigated by enabling Secure Zone Updates? Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation. Does this vulnerability impact

CVE-2021-26877 [CRITICAL] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: Can this vulnerability by mitigated by enabling Secure Zone Updates? Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation. Does this vulnerability impact

CVE-2021-26893 [CRITICAL] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: Can this vulnerability by mitigated by enabling Secure Zone Updates? Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation. Does this vulnerability impact

CVE-2021-26881 [HIGH] Microsoft Windows Media Foundation Remote Code Execution Vulnerability Microsoft Windows Media Foundation Remote Code Execution Vulnerability Windows Media: Windows Media Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5000809 Reference: htt

CVE-2021-26901 [HIGH] Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing: Windows Event Tracing Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5000809 Reference: https://ca

CVE-2021-26872 [HIGH] Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing: Windows Event Tracing Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5000809 Reference: https://ca

CVE-2021-26878 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5000802

CVE-2021-26887 [HIGH] Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability Microsoft Windows Folder Redirection Elevation of Privilege Vulnerability Description: An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When folder redirection file server is co-located with Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another user's personal d

CVE-2021-26861 [HIGH] Windows Graphics Component Remote Code Execution Vulnerability Windows Graphics Component Remote Code Execution Vulnerability Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5000809

CVE-2021-26875 [HIGH] Windows Win32k Elevation of Privilege Vulnerability Windows Win32k Elevation of Privilege Vulnerability Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5000809 Reference: https://ca

CVE-2021-26868 [HIGH] Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB500080

CVE-2021-1640 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker who successfully exploited this vulnerability could overwrite arbitrary file content in the security context of the local system. Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Impact: Elevation of Privileg

CVE-2021-26873 [HIGH] Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service Elevation of Privilege Vulnerability Windows User Profile Service: Windows User Profile Service Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB50

CVE-2021-27063 [HIGH] Windows DNS Server Denial of Service Vulnerability Windows DNS Server Denial of Service Vulnerability FAQ: Can this vulnerability by mitigated by enabling Secure Zone Updates? Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation. Does this vulnerability impact just standa