Msrc Windows Server 2016 vulnerabilities

CVE-2021-42276 [HIGH] Microsoft Windows Media Foundation Remote Code Execution Vulnerability Microsoft Windows Media Foundation Remote Code Execution Vulnerability Microsoft Windows Codecs Library: Microsoft Windows Codecs Library Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.

CVE-2021-41370 [HIGH] NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5007206 Reference: https://support.microsoft.com/help/5007

CVE-2021-38666 [HIGH] Remote Desktop Client Remote Code Execution Vulnerability Remote Desktop Client Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? In the case of a Remote Desktop connection, an attacker with control of a Remote Desktop Server could trigger a remote code execution (RCE) on the RDP client machine when a victim connects to the attacker's server with the vulnerable Remote Desktop Client. Windows RDP: Windows RDP Microsoft: Microsoft

CVE-2021-36957 [HIGH] Windows Desktop Bridge Elevation of Privilege Vulnerability Windows Desktop Bridge Elevation of Privilege Vulnerability Windows Desktop Bridge: Windows Desktop Bridge Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB500

CVE-2021-42287 [HIGH] Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability FAQ: Where can I find more information about the improved authentication process added by the update for CVE-2021-42287? See Authentication updates. Windows Active Directory: Windows Active Directory Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No

CVE-2021-41367 [HIGH] NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5007206 Reference: https://support.microsoft.com/help/5007

CVE-2021-42282 [HIGH] Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability FAQ: Where can I find more information about Verification of uniqueness for user principal name, service principal name, or the service principal name alias? See Verification of uniqueness for user principal name, service principal name, and the service principal name alias. Windows Active Directory: Windows Active Directory Microsof

CVE-2021-38665 [HIGH] Remote Desktop Protocol Client Information Disclosure Vulnerability Remote Desktop Protocol Client Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap. Windows RDP: Windows RDP Microsoft: Microsoft Customer Action Required: Yes Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Ex

CVE-2021-41377 [HIGH] Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Windows Fast FAT File System Driver Elevation of Privilege Vulnerability Windows Fast FAT Driver: Windows Fast FAT Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com

CVE-2021-42285 [HIGH] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5007206 Reference: https://support

CVE-2021-42291 [HIGH] Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability FAQ: Where can I find more information about Active Directory permissions updates? See Active Directory permissions updates. Windows Active Directory: Windows Active Directory Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release

CVE-2021-42278 [HIGH] Active Directory Domain Services Elevation of Privilege Vulnerability Active Directory Domain Services Elevation of Privilege Vulnerability FAQ: Where can I find more information about Active Directory SAM Account hardening changes? See Active Directory SAM Account hardening changes. Windows Active Directory: Windows Active Directory Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Lat

CVE-2021-42275 [HIGH] Microsoft COM for Windows Remote Code Execution Vulnerability Microsoft COM for Windows Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? An authorized attacker could exploit this Windows COM vulnerability by sending from a user mode application specially crafted malicious COM traffic directed at the COM Server, which might lead to remote code execution. Windows COM: Windows COM Microsoft: Microsoft Customer Action Required: Yes

CVE-2021-41366 [HIGH] Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability Credential Security Support Provider Protocol (CredSSP) Elevation of Privilege Vulnerability Windows Cred SSProvider Protocol: Windows Cred SSProvider Protocol Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Le

CVE-2021-42283 [HIGH] NTFS Elevation of Privilege Vulnerability NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5007206 Reference: https://support.microsoft.com/help/5007

CVE-2021-42280 [MEDIUM] Windows Feedback Hub Elevation of Privilege Vulnerability Windows Feedback Hub Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. Windows Feedback Hub: Windows Feedback Hub Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege

CVE-2021-41371 [MEDIUM] Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is read access to Windows RDP client passwords by RDP server administrators. Windows RDP: Windows RDP Microsoft: Microsoft Customer Action Requir

CVE-2021-41379 [MEDIUM] Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. Windows Installer: Windows Installer Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit St

CVE-2021-42277 [MEDIUM] Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. Windows Diagnostic Hub: Windows Diagnostic Hub Microsoft: Microsoft Customer Action Required: Yes

CVE-2021-42279 [MEDIUM] Chakra Scripting Engine Memory Corruption Vulnerability Chakra Scripting Engine Memory Corruption Vulnerability Windows Scripting: Windows Scripting Microsoft: Microsoft Customer Action Required: Yes Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5007186 Reference: https://support.micro