Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2024-38143: Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability

**How could an attacker exploit this vulnerability?** An unauthenticated attacker could exploit the vulnerability by interacting with a malicious wireless network from the lock screen of a device. Successful exploitation of this vulnerability does not crash systems or allow unauthorized access. However, it can potentially leak sensitive information.

Microsoft Security Response Center
#vulnerability#windows#auth#Windows WLAN Auto Config Service#Security Vulnerability
CVE-2024-38154: Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.

CVE-2024-38150: Windows DWM Core Library Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2024-38116: Windows IP Routing Management Snapin Remote Code Execution Vulnerability

**According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?** Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges.

CVE-2024-38115: Windows IP Routing Management Snapin Remote Code Execution Vulnerability

**According to the CVSS metric, the attack vector is network (AV:N) and the user interaction is required (UI:R). What is the target context of the remote code execution?** This attack requires a client to connect to a malicious server, and that could allow the attacker to gain code execution on the client.

CVE-2024-38114: Windows IP Routing Management Snapin Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could exploit this vulnerability by tricking a user into sending a request to a malicious server. This could result in the server returning malicious data that might cause arbitrary code execution on the user's system.

CVE-2024-29995: Windows Kerberos Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2024-38213: Windows Mark of the Web Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass the SmartScreen user experience.

CVE-2023-40547: Redhat: CVE-2023-40547 Shim - RCE in HTTP boot support may lead to secure boot bypass

**Why is this Red Hat, Inc. CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Linux Shim boot. It is being documented in the Security Update Guide to announce that the latest builds of Microsoft Windows address this vulnerability by blocking old, unpatched, Linux boot loaders by applying SBAT (Secure Boot Advanced Targeting) EFI variables in the UEFI library. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. For more information see: CVE-2023-40547.

CVE-2024-38199: Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

**The following mitigating factors might be helpful in your situation:** * Users are advised against installing or enabling the Line Printer Daemon (LPD) service. * The LPD is not installed or enabled on the systems by default. * The LPD has been announced as deprecated since Windows Server 2012. Please refer to: Features Removed or Deprecated in Windows Server 2012.