Msrc Windows Server 2022 vulnerabilities

CVE-2021-41339 [MEDIUM] Microsoft DWM Core Library Elevation of Privilege Vulnerability Microsoft DWM Core Library Elevation of Privilege Vulnerability Windows DWM Core Library: Windows DWM Core Library Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5006667 Ref

CVE-2021-41337 [MEDIUM] Active Directory Security Feature Bypass Vulnerability Active Directory Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? This vulnerability could allow an attacker to bypass Active Directory domain permissions for Key Admins groups. Role: Windows Active Directory Server: Role: Windows Active Directory Server Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Pub

CVE-2021-41336 [MEDIUM] Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Kernel: Windows Kernel Microsoft: Microsoft Impact: Information Disclo

CVE-2021-40468 [MEDIUM] Windows Bind Filter Driver Information Disclosure Vulnerability Windows Bind Filter Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Bind Filter Driver: Windows Bind Filter Driver

CVE-2021-41342 [MEDIUM] Windows MSHTML Platform Remote Code Execution Vulnerability Windows MSHTML Platform Remote Code Execution Vulnerability FAQ: The Security Updates table indicates that this vulnerability affects all supported versions of Microsoft Windows. Why are IE Cumulative updates listed for Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows Server 2012, Windows 8.1, and Windows Server 2012 R2? While Microsoft has announced retirement of the Internet Explorer 11 applicat

CVE-2021-41338 [MEDIUM] Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability Windows AppContainer Firewall Rules Security Feature Bypass Vulnerability Windows AppContainer: Windows AppContainer Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=

CVE-2021-36975 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5005568 Reference: https://support.microsoft.com/help/5005568 Reference:

CVE-2021-38630 [HIGH] Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing Elevation of Privilege Vulnerability Windows Event Tracing: Windows Event Tracing Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5005568 Reference: https://su

CVE-2021-38634 [HIGH] Microsoft Windows Update Client Elevation of Privilege Vulnerability Microsoft Windows Update Client Elevation of Privilege Vulnerability Windows Update: Windows Update Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5005568 Reference: http

CVE-2021-36973 [HIGH] Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability Windows Redirected Drive Buffering: Windows Redirected Drive Buffering Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.mi

CVE-2021-36954 [HIGH] Windows Bind Filter Driver Elevation of Privilege Vulnerability Windows Bind Filter Driver Elevation of Privilege Vulnerability Windows Bind Filter Driver: Windows Bind Filter Driver Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5005568 R

CVE-2021-36974 [HIGH] Windows SMB Elevation of Privilege Vulnerability Windows SMB Elevation of Privilege Vulnerability Windows SMB: Windows SMB Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5005568 Reference: https://support.microsoft.com/help/5005568 Refere

CVE-2021-36960 [HIGH] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. Windows SMB: Windows SMB Microsoft: Microsoft Impact: Information Di

CVE-2021-36969 [MEDIUM] Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability Windows Redirected Drive Buffering SubSystem Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mod

CVE-2021-38637 [MEDIUM] Windows Storage Information Disclosure Vulnerability Windows Storage Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system. Windows Storage: Windows Storage Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publicly Disclosed:N

CVE-2021-36972 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. Windows SMB: Windows SMB Microsoft: Microsoft Impact: Information

CVE-2021-38632 [MEDIUM] BitLocker Security Feature Bypass Vulnerability BitLocker Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the BitLocker Device Encryption feature on the system storage device. An attacker with physical access to a powered off system could exploit this vulnerability to gain access to encrypted data. Windows BitLocker: Windows BitLocker Microsoft:

CVE-2021-38624 [MEDIUM] Windows Key Storage Provider Security Feature Bypass Vulnerability Windows Key Storage Provider Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A successful attacker could bypass the Windows Key Storage Provider which issues key certificates for trust in attestation scenarios. Windows Key Storage Provider: Windows Key Storage Provider Microsoft: Microsoft Impact: Security Feature

CVE-2021-34527 [HIGH] Windows Print Spooler Remote Code Execution Vulnerability Windows Print Spooler Remote Code Execution Vulnerability Description: A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user