Msrc Windows Server Version 20H2 vulnerabilities

CVE-2021-36976 [MEDIUM] Libarchive Remote Code Execution Vulnerability Libarchive Remote Code Execution Vulnerability FAQ: Why is this a MITRE Corporation CVE? CVE-2021-36976 is regarding a vulnerability in the libarchive open source library which is used by Windows. The January 2022 Windows Security Updates include the most recent version of this library which addresses the vulnerability and others. Please see libarchive CVEs for more information regarding all of the vulnerabilities that have

CVE-2022-21884 [HIGH] Local Security Authority Subsystem Service Elevation of Privilege Vulnerability Local Security Authority Subsystem Service Elevation of Privilege Vulnerability Windows Local Security Authority Subsystem Service (LSASS): Windows Local Security Authority Subsystem Service (LSASS) Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Softwa

CVE-2022-21876 [MEDIUM] Win32k Information Disclosure Vulnerability Win32k Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Win32K: Windows Win32K Microsoft: Microsoft Customer Action Required: Yes Impact: Inf

CVE-2022-21906 [MEDIUM] Windows Defender Application Control Security Feature Bypass Vulnerability Windows Defender Application Control Security Feature Bypass Vulnerability Windows Defender: Windows Defender Microsoft: Microsoft Customer Action Required: Yes Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/sit

CVE-2022-21921 [MEDIUM] Windows Defender Credential Guard Security Feature Bypass Vulnerability Windows Defender Credential Guard Security Feature Bypass Vulnerability Windows Defender: Windows Defender Microsoft: Microsoft Customer Action Required: Yes Impact: Security Feature Bypass Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Sear

CVE-2022-21847 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 Reference: https://supp

CVE-2022-21879 [MEDIUM] Windows Kernel Elevation of Privilege Vulnerability Windows Kernel Elevation of Privilege Vulnerability Windows Kernel: Windows Kernel Microsoft: Microsoft Customer Action Required: Yes Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 Reference: https://suppo

CVE-2022-21877 [MEDIUM] Storage Spaces Controller Information Disclosure Vulnerability Storage Spaces Controller Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Storage Spaces Controller: Windows Storage Spaces

CVE-2022-21918 [MEDIUM] DirectX Graphics Kernel File Denial of Service Vulnerability DirectX Graphics Kernel File Denial of Service Vulnerability Windows DirectX: Windows DirectX Microsoft: Microsoft Customer Action Required: Yes Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5009557 Reference

CVE-2021-43237 [HIGH] Windows Setup Elevation of Privilege Vulnerability Windows Setup Elevation of Privilege Vulnerability Windows Update Stack: Windows Update Stack Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008206 Reference: https://catalog.update.micro

CVE-2021-43219 [HIGH] DirectX Graphics Kernel File Denial of Service Vulnerability DirectX Graphics Kernel File Denial of Service Vulnerability Windows DirectX: Windows DirectX Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://support.microso

CVE-2021-43239 [HIGH] Windows Recovery Environment Agent Elevation of Privilege Vulnerability Windows Recovery Environment Agent Elevation of Privilege Vulnerability Windows Update Stack: Windows Update Stack Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB500821

CVE-2021-43231 [HIGH] Windows NTFS Elevation of Privilege Vulnerability Windows NTFS Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://support.microsoft.com/help/5008218 Re

CVE-2021-43247 [HIGH] Windows TCP/IP Driver Elevation of Privilege Vulnerability Windows TCP/IP Driver Elevation of Privilege Vulnerability Windows TCP/IP: Windows TCP/IP Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://support.microsof

CVE-2021-43228 [HIGH] SymCrypt Denial of Service Vulnerability SymCrypt Denial of Service Vulnerability Windows SymCrypt: Windows SymCrypt Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://support.microsoft.com/help/5008218 Reference: https:

CVE-2021-43240 [HIGH] NTFS Set Short Name Elevation of Privilege Vulnerability NTFS Set Short Name Elevation of Privilege Vulnerability Windows NTFS: Windows NTFS Microsoft: Microsoft Impact: Elevation of Privilege Exploit Status: Publicly Disclosed:Yes;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008206 Reference: https://catalog.update.microsof

CVE-2021-43235 [MEDIUM] Storage Spaces Controller Information Disclosure Vulnerability Storage Spaces Controller Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Storage: Windows Storage Microsoft: Microsoft Im

CVE-2021-43244 [MEDIUM] Windows Kernel Information Disclosure Vulnerability Windows Kernel Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Kernel: Windows Kernel Microsoft: Microsoft Impact: Information Disclo

CVE-2021-43227 [MEDIUM] Storage Spaces Controller Information Disclosure Vulnerability Storage Spaces Controller Information Disclosure Vulnerability FAQ: What type of information could be disclosed by this vulnerability? The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process. Windows Storage Spaces Controller: Windows Storage Spaces

CVE-2021-43246 [MEDIUM] Windows Hyper-V Denial of Service Vulnerability Windows Hyper-V Denial of Service Vulnerability Role: Windows Hyper-V: Role: Windows Hyper-V Microsoft: Microsoft Impact: Denial of Service Exploit Status: Publicly Disclosed:No;Exploited:No;Latest Software Release:Exploitation Less Likely;Older Software Release:Exploitation Less Likely;DOS:N/A Reference: https://catalog.update.microsoft.com/v7/site/Search.aspx?q=KB5008218 Reference: https://support.microsoft.com/help/