Msrc Windows Server 2019 vulnerabilities

CVE-2021-34446 [HIGH] Windows HTML Platforms Security Feature Bypass Vulnerability Windows HTML Platforms Security Feature Bypass Vulnerability Windows HTML Platform: Windows HTML Platform Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https

CVE-2021-33756 [HIGH] Windows DNS Snap-in Remote Code Execution Vulnerability Windows DNS Snap-in Remote Code Execution Vulnerability FAQ: How could an attacker exploit the vulnerability? An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. Role: DNS Server: Role: DNS Server Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older

CVE-2021-34449 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/5004244 Reference:

CVE-2021-34498 [HIGH] Windows GDI Elevation of Privilege Vulnerability Windows GDI Elevation of Privilege Vulnerability Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.

CVE-2021-33754 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability Microsoft Windows DNS: Microsoft Windows DNS Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.mic

CVE-2021-34442 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: If my server is not configured to be a DNS server, it is vulnerable? No, this vulnerability is only exploitable if the server is configured to be a DNS server. Role: DNS Server: Role: DNS Server Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Softwa

CVE-2021-34490 [HIGH] Windows TCP/IP Driver Denial of Service Vulnerability Windows TCP/IP Driver Denial of Service Vulnerability Windows TCP/IP: Windows TCP/IP Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/5004

CVE-2021-33771 [HIGH] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Windows Kernel: Windows Kernel Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/5004244

CVE-2021-34450 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: How would an attacker exploit this vulnerability? This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Impact: Remote Code

CVE-2021-34456 [HIGH] Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager: Windows Remote Access Connection Manager Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog

CVE-2021-34489 [HIGH] DirectWrite Remote Code Execution Vulnerability DirectWrite Remote Code Execution Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? Exploitation of the vulnerability requires that a user open a specially crafted file. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-base

CVE-2021-34476 [HIGH] Bowser.sys Denial of Service Vulnerability Bowser.sys Denial of Service Vulnerability Common Internet File System: Common Internet File System Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/

CVE-2021-34445 [HIGH] Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager: Windows Remote Access Connection Manager Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog

CVE-2021-33746 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability Microsoft Windows DNS: Microsoft Windows DNS Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.mic

CVE-2021-33783 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. Windows SMB: Windows SMB Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Exploited:No;L

CVE-2021-34500 [MEDIUM] Windows Kernel Memory Information Disclosure Vulnerability Windows Kernel Memory Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Guest VM to Hyper-V host server - virtualization security boundary. FAQ: What type of information could be disclosed by this vulnerability? The type of information that could b

CVE-2021-34491 [MEDIUM] Win32k Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Information Disclosure Exploit St

CVE-2021-33745 [MEDIUM] Windows DNS Server Denial of Service Vulnerability Windows DNS Server Denial of Service Vulnerability FAQ: If my server is not configured to be a DNS server, it is vulnerable? No, this vulnerability is only exploitable if the server is configured to be a DNS server. Role: DNS Server: Role: DNS Server Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release

CVE-2021-34499 [MEDIUM] Windows DNS Server Denial of Service Vulnerability Windows DNS Server Denial of Service Vulnerability Microsoft Windows DNS: Microsoft Windows DNS Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com

CVE-2021-33755 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/