Multiple Microsoft Windows Products Vulnerabilities
April 17, 2024Multiple Microsoft Windows Products Vulnerabilities
April 17, 2024Multiple Microsoft Windows Products Vulnerabilities
April 17, 2024Multiple Microsoft Windows Products Vulnerabilities
April 17, 2024Severity
High
Analysis Summary
CVE-2024-26195 CVSS:7.2
Microsoft Windows could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a heap-based buffer overflow in the DHCP Server Service component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-26208 CVSS:7.2
Microsoft Windows could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an integer underflow in the Message Queuing (MSMQ) component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-26253 CVSS:6.8
Microsoft Windows could allow a physical attacker to execute arbitrary code on the system, caused by a improper input validation in the rndismp6.sys component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-29066 CVSS:7.2
Microsoft Windows could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a time-of-check-time-of-use race condition in the Distributed File System (DFS) component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system with SYSTEM privileges.
CVE-2024-26254 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the Virtual Machine Bus (VMBus) component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-26215 CVSS:7.5
Microsoft Windows is vulnerable to a denial of service, caused by uncontrolled memory consumption in the DHCP Server Service component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service.
CVE-2024-29050 CVSS:8.4
Microsoft Windows could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the Cryptographic Services component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-26194 CVSS:7.4
Microsoft Windows could allow a local attacker to bypass security restrictions, cause by a improper verification of cryptographic signatures in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-26189 CVSS:8
Microsoft Windows could allow a remote attacker within the local network to bypass security restrictions, cause by improper input validation in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-26256 CVSS:7.8
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a heap-based buffer overflow in the Compressed Folders (zip) component. By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2024-26245 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds read in the SMB component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain SYSTEM privileges.
CVE-2024-26250 CVSS:6.7
Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, cause by protection mechanism failure in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-28903 CVSS:6.7
Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, cause by protection mechanism failure in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
CVE-2024-28901 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a buffer over-read in the Remote Access Connection Manager component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information from heap memory and use this information to launch further attacks against the affected system.
CVE-2024-28905 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Brokering File System component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.
CVE-2024-26217 CVSS:5.5
Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by an out-of-bounds read in the Remote Access Connection Manager component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2024-29056 CVSS:4.3
Microsoft Windows could allow a remote authenticated attacker to gain elevated privileges on the system, caused by use of a broken or risky cryptographic algorithm in the Authentication component. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain access that is granted to all users in an organization.
CVE-2024-3566 CVSS:7.8
Microsoft Windows could allow a local authenticated attacker to execute arbitrary commands on the system, caused by a flaw in the CreateProcess function. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-28921 CVSS:6.7
Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, cause by security mechanism failure in the Secure Boot component. An attacker could exploit this vulnerability to bypass secure booting.
Impact
- Gain Access
- Denial of Service
- Security Bypass
- Privilege Escalation
Indicators of Compromise
CVE
- CVE-2024-26195
- CVE-2024-26208
- CVE-2024-26253
- CVE-2024-29066
- CVE-2024-26254
- CVE-2024-26215
- CVE-2024-29050
- CVE-2024-26194
- CVE-2024-26189
- CVE-2024-26256
- CVE-2024-26245
- CVE-2024-26250
- CVE-2024-28903
- CVE-2024-28901
- CVE-2024-28905
- CVE-2024-26217
- CVE-2024-29056
- CVE-2024-3566
- CVE-2024-28921
Affected Vendors
Affected Products
- Microsoft Windows
- Microsoft Windows 10 for 32-bit Systems
- Microsoft Windows 10 for x64-based Systems
- Microsoft Windows Server 2022
- Microsoft Windows Server 2022 23H2
- Microsoft Windows 10 Version 1607 for 32-bit Systems 1607
- Microsoft Windows 10 Version 1607 for x64-based Systems 1607
- Microsoft Windows 10 Version 1809 for 32-bit Systems 1809
- Microsoft Windows 10 Version 1809 for ARM64-based Systems 1809
- Microsoft Windows 10 Version 1809 for x64-based Systems 1809
- Microsoft Windows 10 Version 21H2 for 32-bit Systems 21H2
- Microsoft Windows 10 Version 21H2 for ARM64-based Systems 21H2
- Microsoft Windows 10 Version 21H2 for x64-based Systems 21H2
- Microsoft Windows 10 Version 22H2 for 32-bit Systems 22H2
- Microsoft Windows 10 Version 22H2 for ARM64-based Systems 22H2
- Microsoft Windows 10 Version 22H2 for x64-based Systems 22H2
- Microsoft Windows 11 Version 22H2 for x64-based Systems 22H2
- Microsoft Windows 11 Version 23H2 for ARM64-based Systems 23H2
- Microsoft Windows 11 Version 23H2 for x64-based Systems 23H2
- Microsoft Windows 11 version 21H2 for ARM64-based Systems 22H2
- Microsoft Windows 11 version 21H2 for x64-based Systems 22H2
- Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 23H2
- Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) 23H2
- Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 23H2
- Microsoft Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) 23H2
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 23H2
- Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) 23H2
- Microsoft Windows Server 2012 23H2
- Microsoft Windows Server 2012 (Server Core installation) 23H2
- Microsoft Windows Server 2012 R2 23H2
- Microsoft Windows Server 2012 R2 (Server Core installation) 23H2
- Microsoft Windows Server 2016 23H2
- Microsoft Windows Server 2016 (Server Core installation) 23H2
- Microsoft Windows Server 2019 23H2
- Microsoft Windows Server 2019 (Server Core installation) 23H2
- Microsoft Windows Server 2022 (Server Core installation) 23H2
Remediation
Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.