Msrc Windows Server Version 1909 vulnerabilities

CVE-2021-28347 [HIGH] Windows Speech Runtime Elevation of Privilege Vulnerability Windows Speech Runtime Elevation of Privilege Vulnerability Microsoft Windows Speech: Microsoft Windows Speech Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001339 Reference: ht

CVE-2021-28445 [HIGH] Windows Network File System Remote Code Execution Vulnerability Windows Network File System Remote Code Execution Vulnerability Windows Network File System: Windows Network File System Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001342

CVE-2021-28351 [HIGH] Windows Speech Runtime Elevation of Privilege Vulnerability Windows Speech Runtime Elevation of Privilege Vulnerability Microsoft Windows Speech: Microsoft Windows Speech Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001339 Reference: ht

CVE-2021-28446 [HIGH] Windows Portmapping Information Disclosure Vulnerability Windows Portmapping Information Disclosure Vulnerability Description: N/A FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Windows Portmapping: Windows Portmapping Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Exploite

CVE-2021-28442 [MEDIUM] Windows TCP/IP Information Disclosure Vulnerability Windows TCP/IP Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Windows TCP/IP: Windows TCP/IP Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploit

CVE-2021-28441 [MEDIUM] Windows Hyper-V Information Disclosure Vulnerability Windows Hyper-V Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is Guest VM to Hyper-V host server - virtualization security boundary. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publ

CVE-2021-28435 [MEDIUM] Windows Event Tracing Information Disclosure Vulnerability Windows Event Tracing Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Windows Event Tracing: Windows Event Tracing

CVE-2021-28438 [MEDIUM] Windows Console Driver Denial of Service Vulnerability Windows Console Driver Denial of Service Vulnerability Windows Console Driver: Windows Console Driver Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001339 Reference: https://catalog.upd

CVE-2021-27079 [MEDIUM] Windows Media Photo Codec Information Disclosure Vulnerability Windows Media Photo Codec Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Microsoft Windows Codecs Library: Microsoft Windows Codecs Library Microsoft: Microsoft Impact: Information Disclosure Exploit Status: Publicly

CVE-2021-27094 [MEDIUM] Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Windows ELAM: Windows ELAM Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001339

CVE-2021-28316 [MEDIUM] Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability Windows WLAN AutoConfig Service Security Feature Bypass Vulnerability Windows WLAN Auto Config Service: Windows WLAN Auto Config Service Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site

CVE-2021-28444 [MEDIUM] Windows Hyper-V Security Feature Bypass Vulnerability Windows Hyper-V Security Feature Bypass Vulnerability FAQ: What configurations or versions could be at risk from this vulnerability? This bypass could affect any Hyper-V configurations that are using Router Guard. What is the exposure if the vulnerability was bypassed? Certain packets that would normally be blocked or dropped could be processed. This could allow an attacker to bypass set policy, potentially influencin

CVE-2021-26417 [MEDIUM] Windows Overlay Filter Information Disclosure Vulnerability Windows Overlay Filter Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Windows Overlay Filter: Windows Overlay Filt

CVE-2021-28325 [MEDIUM] Windows SMB Information Disclosure Vulnerability Windows SMB Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory and kernel memory - unintentional read access to memory contents in kernel space from a user mode process. Windows SMB Server: Windows SMB Server Microsoft: Microsoft Impact

CVE-2021-28326 [MEDIUM] Windows AppX Deployment Server Denial of Service Vulnerability Windows AppX Deployment Server Denial of Service Vulnerability Windows AppX Deployment Extensions: Windows AppX Deployment Extensions Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=K

CVE-2021-28311 [MEDIUM] Windows Application Compatibility Cache Denial of Service Vulnerability Windows Application Compatibility Cache Denial of Service Vulnerability Windows Application Compatibility Cache: Windows Application Compatibility Cache Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft

CVE-2021-27092 [MEDIUM] Azure AD Web Sign-in Security Feature Bypass Vulnerability Azure AD Web Sign-in Security Feature Bypass Vulnerability Azure AD Web Sign-in: Azure AD Web Sign-in Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001330 Reference: https://s

CVE-2021-28447 [MEDIUM] Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Windows Early Launch Antimalware Driver Security Feature Bypass Vulnerability Windows Early Launch Antimalware Driver: Windows Early Launch Antimalware Driver Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalo

CVE-2021-28312 [LOW] Windows NTFS Denial of Service Vulnerability Windows NTFS Denial of Service Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001342 Reference: https://support.microsoft.com/help/5001342 Reference: https:

CVE-2021-26897 [CRITICAL] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: Can this vulnerability by mitigated by enabling Secure Zone Updates? Enabling Secure Zone Updates constrains the potential sources of the attack, but does not completely prevent it. For example, a malicious insider could attack a “secure zone update” DNS server from a domain-joined computer. This is only a partial mitigation. Does this vulnerability impact