Msrc Windows Server 2022 vulnerabilities

CVE-2021-38672 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? For successful exploitation, this vulnerability could allow a malicious guest VM to read kernel memory in the host. To trigger this vulnerability the guest VM requires a memory allocation error to first occur on the guest VM. This bug could be used for a VM escape from guest to host. Role: Windows Hyper-V: Role: Win

CVE-2021-40463 [HIGH] Windows Network Address Translation (NAT) Denial of Service Vulnerability Windows Network Address Translation (NAT) Denial of Service Vulnerability Windows Network Address Translation (NAT): Windows Network Address Translation (NAT) Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.mic

CVE-2021-40470 [HIGH] DirectX Graphics Kernel Elevation of Privilege Vulnerability DirectX Graphics Kernel Elevation of Privilege Vulnerability Windows DirectX: Windows DirectX Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006672 Reference: https://support.mi

CVE-2021-40469 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: If my server is not configured to be a DNS server, it is vulnerable? No, this vulnerability is only exploitable if the server is configured to be a DNS server. Role: DNS Server: Role: DNS Server Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Softw

CVE-2021-40478 [HIGH] Storage Spaces Controller Elevation of Privilege Vulnerability Storage Spaces Controller Elevation of Privilege Vulnerability Windows Storage Spaces Controller: Windows Storage Spaces Controller Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=

CVE-2021-40461 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006672 Reference: https://support.microsoft

CVE-2021-40476 [HIGH] Windows AppContainer Elevation Of Privilege Vulnerability Windows AppContainer Elevation Of Privilege Vulnerability Windows AppContainer: Windows AppContainer Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006672 Reference: https://suppor

CVE-2021-40477 [HIGH] Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing: Windows Event Tracing Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006672 Reference: https://su

CVE-2021-40488 [HIGH] Storage Spaces Controller Elevation of Privilege Vulnerability Storage Spaces Controller Elevation of Privilege Vulnerability Windows Storage Spaces Controller: Windows Storage Spaces Controller Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=

CVE-2021-40450 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006672 Reference: https://support.microsoft.com/help/5006672 Reference:

CVE-2021-41345 [HIGH] Storage Spaces Controller Elevation of Privilege Vulnerability Storage Spaces Controller Elevation of Privilege Vulnerability Windows Storage Spaces Controller: Windows Storage Spaces Controller Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=

CVE-2021-41334 [HIGH] Windows Desktop Bridge Elevation of Privilege Vulnerability Windows Desktop Bridge Elevation of Privilege Vulnerability Windows Desktop Bridge: Windows Desktop Bridge Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006670 Reference: https:

CVE-2021-40464 [HIGH] Windows Nearby Sharing Elevation of Privilege Vulnerability Windows Nearby Sharing Elevation of Privilege Vulnerability Windows Nearby Sharing: Windows Nearby Sharing Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006672 Reference: https:

CVE-2021-41347 [HIGH] Windows AppX Deployment Service Elevation of Privilege Vulnerability Windows AppX Deployment Service Elevation of Privilege Vulnerability Windows AppX Deployment Service: Windows AppX Deployment Service Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search

CVE-2021-41357 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006670 Reference: https://support.microsoft.com/help/5006670 Reference:

CVE-2021-26441 [HIGH] Storage Spaces Controller Elevation of Privilege Vulnerability Storage Spaces Controller Elevation of Privilege Vulnerability FAQ: How could an attacker exploit this vulnerability? An authorized (medium integrity level) attacker could exploit this Windows Storport driver elevation of privilege vulnerability by locally sending through a user mode application a specially crafted request to the driver specifying an IOCTL parameter, which could lead to an out-of-bounds buffer

CVE-2021-40462 [HIGH] Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability Windows Media Foundation Dolby Digital Atmos Decoders Remote Code Execution Vulnerability Microsoft Windows Codecs Library: Microsoft Windows Codecs Library Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://

CVE-2021-40475 [MEDIUM] Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Cloud Files Mini Filter

CVE-2021-41361 [MEDIUM] Active Directory Federation Server Spoofing Vulnerability Active Directory Federation Server Spoofing Vulnerability FAQ: How could an attacker exploit this vulnerability? The ADFS (Active Directory Federation Services) services are vulnerable during the logout redirect request to cross-site scripting of the post logout redirect URI. An attacker who successfully exploited this vulnerability could leave an application using this ADFS library vulnerable to common XSS attack

CVE-2021-40456 [MEDIUM] Windows AD FS Security Feature Bypass Vulnerability Windows AD FS Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? This vulnerability could allow an attacker to bypass ADFS BannedIPList entries for WS-Trust workflows. Role: Windows AD FS Server: Role: Windows AD FS Server Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Lates