Msrc Windows Server Version 2004 vulnerabilities

CVE-2021-28476 [CRITICAL] Windows Hyper-V Remote Code Execution Vulnerability Windows Hyper-V Remote Code Execution Vulnerability FAQ: Under what circumstances might this vulnerability be exploited other than as a denial of service attack against a Hyper-V host? This issue allows a guest VM to force the Hyper-V host's kernel to read from an arbitrary, potentially invalid address. The contents of the address read would not be returned to the guest VM. In most circumstances, this would result in

CVE-2021-31166 [CRITICAL] HTTP Protocol Stack Remote Code Execution Vulnerability HTTP Protocol Stack Remote Code Execution Vulnerability FAQ: How could an attacker exploit this vulnerability? In most situations, an unauthenticated attacker could send a specially crafted packet to a targeted server utilizing the HTTP Protocol Stack (http.sys) to process packets. Is this wormable? Yes. Microsoft recommends prioritizing the patching of affected servers. Windows HTTP.sys: Windows HTTP.sys Micros

CVE-2021-31167 [HIGH] Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service: Windows Container Manager Service Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/sit

CVE-2021-31168 [HIGH] Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service: Windows Container Manager Service Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/sit

CVE-2021-31170 [HIGH] Windows Graphics Component Elevation of Privilege Vulnerability Windows Graphics Component Elevation of Privilege Vulnerability Microsoft Graphics Component: Microsoft Graphics Component Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB500317

CVE-2021-31169 [HIGH] Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service: Windows Container Manager Service Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/sit

CVE-2021-31182 [HIGH] Microsoft Bluetooth Driver Spoofing Vulnerability Microsoft Bluetooth Driver Spoofing Vulnerability Microsoft Bluetooth Driver: Microsoft Bluetooth Driver Microsoft: Microsoft Impact: Spoofing Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5003174 Reference: https://catalog.update.microsoft

CVE-2021-31208 [HIGH] Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service: Windows Container Manager Service Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/sit

CVE-2021-31165 [HIGH] Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service Elevation of Privilege Vulnerability Windows Container Manager Service: Windows Container Manager Service Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/sit

CVE-2021-31205 [MEDIUM] Windows SMB Client Security Feature Bypass Vulnerability Windows SMB Client Security Feature Bypass Vulnerability FAQ: What kind of security feature could be bypassed by successfully exploiting this vulnerability? Guest fallback access in SMB2 is not disabled by default. Installing this security update will disable guest fallback access to enforce the operating system edition settings and Group Policy settings. Guest fallback behavior default will return matching previou

CVE-2021-31191 [MEDIUM] Windows Projected File System FS Filter Driver Information Disclosure Vulnerability Windows Projected File System FS Filter Driver Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory. Windows Projected File System FS Filter: Windows Projected File System FS Filter Microsoft: Microsoft

CVE-2021-31185 [MEDIUM] Windows Desktop Bridge Denial of Service Vulnerability Windows Desktop Bridge Denial of Service Vulnerability Windows Desktop Bridge: Windows Desktop Bridge Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5003173 Reference: https://support.mic

CVE-2021-28479 [MEDIUM] Windows CSC Service Information Disclosure Vulnerability Windows CSC Service Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is memory layout - the vulnerability allows an attacker to collect information that facilitates predicting addressing of the memory. Windows CSC Service: Windows CSC Service Microsof

CVE-2021-26416 [HIGH] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability FAQ: How can an attacker exploit this vulnerability? An attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application. This can cause the host OS to crash by sending specially crafted request. Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Impact: Denial of Service Exploit

CVE-2021-27086 [HIGH] Windows Services and Controller App Elevation of Privilege Vulnerability Windows Services and Controller App Elevation of Privilege Vulnerability Windows Services and Controller App: Windows Services and Controller App Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.co

CVE-2021-28310 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:Yes;Latest Software Release:Exploitation Detected;Older Software Release:Exploitation Detected;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001339 Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=

CVE-2021-28313 [HIGH] Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Windows Diagnostic Hub: Windows Diagnostic Hub Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Se

CVE-2021-28320 [HIGH] Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability Windows Resource Manager PSM Service Extension Elevation of Privilege Vulnerability Windows Resource Manager: Windows Resource Manager Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.co

CVE-2021-27072 [HIGH] Win32k Elevation of Privilege Vulnerability Win32k Elevation of Privilege Vulnerability Windows Win32K: Windows Win32K Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation More Likely;Older Software Release:Exploitation More Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5001339 Reference: https://catalog.update.microsoft.com/v7/site/Search.as

CVE-2021-28322 [HIGH] Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability Windows Diagnostic Hub: Windows Diagnostic Hub Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Se