Msrc Windows Server Version 2004 vulnerabilities

CVE-2021-33786 [HIGH] Windows LSA Security Feature Bypass Vulnerability Windows LSA Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? A read only domain controller (RODC) is able to delegate rights by granting itself a ticket. A full DC does not validate the ticket thus granting R/W privileges to a DC that should only have read privileges. Windows Local Security Authority Subsystem Service (LSASS): Windows

CVE-2021-34488 [HIGH] Windows Console Driver Elevation of Privilege Vulnerability Windows Console Driver Elevation of Privilege Vulnerability Windows Console Driver: Windows Console Driver Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https:

CVE-2021-33756 [HIGH] Windows DNS Snap-in Remote Code Execution Vulnerability Windows DNS Snap-in Remote Code Execution Vulnerability FAQ: How could an attacker exploit the vulnerability? An administrator would need to view a malicious record in the DNS Snap-in to allow exploitation this vulnerability. Role: DNS Server: Role: DNS Server Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older

CVE-2021-34449 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/5004244 Reference:

CVE-2021-33754 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability Microsoft Windows DNS: Microsoft Windows DNS Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.mic

CVE-2021-34442 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability FAQ: If my server is not configured to be a DNS server, it is vulnerable? No, this vulnerability is only exploitable if the server is configured to be a DNS server. Role: DNS Server: Role: DNS Server Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Softwa

CVE-2021-34490 [HIGH] Windows TCP/IP Driver Denial of Service Vulnerability Windows TCP/IP Driver Denial of Service Vulnerability Windows TCP/IP: Windows TCP/IP Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/5004

CVE-2021-33771 [HIGH] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Windows Kernel: Windows Kernel Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/5004244

CVE-2021-34450 [HIGH] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: How would an attacker exploit this vulnerability? This vulnerability would require an authenticated attacker on a guest VM to send specially crafted file operation requests on the VM to hardware resources on the VM which could result in remote code execution on the host server. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Impact: Remote Code

CVE-2021-34456 [HIGH] Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager: Windows Remote Access Connection Manager Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog

CVE-2021-34489 [HIGH] DirectWrite Remote Code Execution Vulnerability DirectWrite Remote Code Execution Vulnerability FAQ: According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do? Exploitation of the vulnerability requires that a user open a specially crafted file. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-base

CVE-2021-34513 [HIGH] Storage Spaces Controller Elevation of Privilege Vulnerability Storage Spaces Controller Elevation of Privilege Vulnerability Windows Storage Spaces Controller: Windows Storage Spaces Controller Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=

CVE-2021-34445 [HIGH] Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager Elevation of Privilege Vulnerability Windows Remote Access Connection Manager: Windows Remote Access Connection Manager Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog

CVE-2021-33746 [HIGH] Windows DNS Server Remote Code Execution Vulnerability Windows DNS Server Remote Code Execution Vulnerability Microsoft Windows DNS: Microsoft Windows DNS Microsoft: Microsoft Impact: Remote Code Execution Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.mic

CVE-2021-34491 [MEDIUM] Win32k Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Information Disclosure Exploit St

CVE-2021-33745 [MEDIUM] Windows DNS Server Denial of Service Vulnerability Windows DNS Server Denial of Service Vulnerability FAQ: If my server is not configured to be a DNS server, it is vulnerable? No, this vulnerability is only exploitable if the server is configured to be a DNS server. Role: DNS Server: Role: DNS Server Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release

CVE-2021-34499 [MEDIUM] Windows DNS Server Denial of Service Vulnerability Windows DNS Server Denial of Service Vulnerability Microsoft Windows DNS: Microsoft Windows DNS Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com

CVE-2021-33755 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5004244 Reference: https://support.microsoft.com/help/

CVE-2021-33744 [MEDIUM] Windows Secure Kernel Mode Security Feature Bypass Vulnerability Windows Secure Kernel Mode Security Feature Bypass Vulnerability Windows Secure Kernel Mode: Windows Secure Kernel Mode Microsoft: Microsoft Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB50042

CVE-2021-31961 [MEDIUM] Windows InstallService Elevation of Privilege Vulnerability Windows InstallService Elevation of Privilege Vulnerability FAQ: What privileges could be gained by an attacker who successfully exploited the vulnerability? An attacker would only be able to delete targeted files on a system. They would not gain privileges to view or modify file contents. Windows Installer: Windows Installer Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclo