Msrc Windows Server 2019 vulnerabilities

CVE-2022-24489 [HIGH] Cluster Client Failover (CCF) Elevation of Privilege Vulnerability Cluster Client Failover (CCF) Elevation of Privilege Vulnerability Windows Cluster Client Failover: Windows Cluster Client Failover Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft

CVE-2022-26917 [HIGH] Windows Fax Compose Form Remote Code Execution Vulnerability Windows Fax Compose Form Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution? The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. For example, when the s

CVE-2022-26790 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/S

CVE-2022-24482 [HIGH] Windows ALPC Elevation of Privilege Vulnerability Windows ALPC Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows ALPC: Windows ALPC Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Lat

CVE-2022-24490 [HIGH] Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability Windows Hyper-V Shared Virtual Hard Disks Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Role: Windows Hyper-V: Role:

CVE-2022-24546 [HIGH] Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library: Windows DWM Core Library Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx

CVE-2022-26798 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/S

CVE-2022-24474 [HIGH] Windows Win32k Elevation of Privilege Vulnerability Windows Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5012647 Reference: https://support

CVE-2022-26914 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5012647 Reference: https://support.microsoft.com/h

CVE-2022-26794 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/S

CVE-2022-26808 [HIGH] Windows File Explorer Elevation of Privilege Vulnerability Windows File Explorer Elevation of Privilege Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to win a race condition. Windows File Explorer: Windows File Explorer Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Pu

CVE-2022-26792 [HIGH] Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Elevation of Privilege Vulnerability Windows Print Spooler Components: Windows Print Spooler Components Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/S

CVE-2022-26813 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. As is best practice, regular validation and audits of administrative groups should be conducted. Role: DNS Server: Role: DNS Ser

CVE-2022-26815 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: According to the CVSS metric, privileges required is high (PR:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires the attacker or targeted user to have specific elevated privileges. As is best practice, regular validation and audits of administrative groups should be conducted. Role: DNS Server: Role: DNS Ser

CVE-2022-24550 [HIGH] Windows Telephony Server Elevation of Privilege Vulnerability Windows Telephony Server Elevation of Privilege Vulnerability Windows Telephony Server: Windows Telephony Server Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx

CVE-2022-24486 [HIGH] Windows Kerberos Elevation of Privilege Vulnerability Windows Kerberos Elevation of Privilege Vulnerability Windows Kerberos: Windows Kerberos Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5012647 Reference: https:/

CVE-2022-24499 [HIGH] Windows Installer Elevation of Privilege Vulnerability Windows Installer Elevation of Privilege Vulnerability Windows Installer: Windows Installer Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5012647 Reference: htt

CVE-2022-24521 [HIGH] Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver Elevation of Privilege Vulnerability Windows Common Log File System Driver: Windows Common Log File System Driver Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected Reference: https://c

CVE-2022-24545 [HIGH] Windows Kerberos Remote Code Execution Vulnerability Windows Kerberos Remote Code Execution Vulnerability FAQ: According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability? Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component. FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that th

CVE-2022-26831 [HIGH] Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability Windows LDAP - Lightweight Directory Access Protocol: Windows LDAP - Lightweight Directory Access Protocol Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Rele