Microsoft : Security Vulnerabilities, CVEs,
CVE-2024-21338
Known exploited
Public exploit
Windows Kernel Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.11%
Published
2024-02-13
Updated
2024-04-11
CISA KEV Added
2024-03-04
CVE-2023-38146
Public exploit
Windows Themes Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
85.84%
Published
2023-09-12
Updated
2024-01-05
CVE-2023-36874
Known exploited
Public exploit
Windows Error Reporting Service Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.15%
Published
2023-07-11
Updated
2023-09-27
CISA KEV Added
2023-07-11
CVE-2023-29357
Known exploited
Public exploit
Used for ransomware
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Max CVSS
9.8
EPSS Score
52.87%
Published
2023-06-14
Updated
2024-01-11
CISA KEV Added
2024-01-10
CVE-2023-28252
Known exploited
Public exploit
Used for ransomware
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
2.55%
Published
2023-04-11
Updated
2023-09-14
CISA KEV Added
2023-04-11
CVE-2023-24955
Known exploited
Public exploit
Used for ransomware
Microsoft SharePoint Server Remote Code Execution Vulnerability
Max CVSS
7.2
EPSS Score
41.96%
Published
2023-05-09
Updated
2024-03-27
CISA KEV Added
2024-03-26
CVE-2023-21768
Public exploit
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.40%
Published
2023-01-10
Updated
2023-04-27
CVE-2023-21554
Public exploit
Microsoft Message Queuing Remote Code Execution Vulnerability
Max CVSS
9.8
EPSS Score
95.92%
Published
2023-04-11
Updated
2023-04-19
CVE-2022-41082
Known exploited
Public exploit
Used for ransomware
Microsoft Exchange Server Remote Code Execution Vulnerability
Max CVSS
8.0
EPSS Score
11.51%
Published
2022-10-03
Updated
2023-12-20
CISA KEV Added
2022-09-30
CVE-2022-41040
Known exploited
Public exploit
Used for ransomware
Microsoft Exchange Server Elevation of Privilege Vulnerability
Max CVSS
8.8
EPSS Score
96.64%
Published
2022-10-03
Updated
2023-12-20
CISA KEV Added
2022-09-30
CVE-2022-30190
Known exploited
Public exploit
<p>A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of the calling application. The attacker can then install programs, view, change, or delete data, or create new accounts in the context allowed by the user’s rights.</p>
<p>Please see the <a href="https://aka.ms/CVE-2022-30190-Guidance">MSRC Blog Entry</a> for important information about steps you can take to protect your system from this vulnerability.</p>
Max CVSS
9.3
EPSS Score
97.14%
Published
2022-06-01
Updated
2023-12-20
CISA KEV Added
2022-06-14
CVE-2022-26923
Known exploited
Public exploit
Active Directory Domain Services Elevation of Privilege Vulnerability
Max CVSS
9.0
EPSS Score
7.08%
Published
2022-05-10
Updated
2023-12-21
CISA KEV Added
2022-08-18
CVE-2022-26904
Known exploited
Public exploit
Windows User Profile Service Elevation of Privilege Vulnerability
Max CVSS
7.0
EPSS Score
0.10%
Published
2022-04-15
Updated
2023-06-29
CISA KEV Added
2022-04-25
CVE-2022-23277
Public exploit
Microsoft Exchange Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
1.50%
Published
2022-03-09
Updated
2023-06-29
CVE-2022-21999
Known exploited
Public exploit
Windows Print Spooler Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.10%
Published
2022-02-09
Updated
2023-06-29
CISA KEV Added
2022-03-25
CVE-2022-21882
Known exploited
Public exploit
Win32k Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.11%
Published
2022-01-11
Updated
2023-12-21
CISA KEV Added
2022-02-04
CVE-2021-42321
Known exploited
Public exploit
Used for ransomware
Microsoft Exchange Server Remote Code Execution Vulnerability
Max CVSS
8.8
EPSS Score
96.51%
Published
2021-11-10
Updated
2023-12-28
CISA KEV Added
2021-11-17
CVE-2021-40449
Known exploited
Public exploit
Used for ransomware
Win32k Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
0.15%
Published
2021-10-13
Updated
2023-08-01
CISA KEV Added
2021-11-17
CVE-2021-40444
Known exploited
Public exploit
Used for ransomware
<p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.</p>
<p>An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p>
<p>Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Customers should keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action. Enterprise customers who manage updates should select the detection build 1.349.22.0 or newer and deploy it across their environments. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.</p>
<p>Upon completion of this investigation, Microsoft will take the appropriate action to help protect our customers. This may include providing a security update through our monthly release process or providing an out-of-cycle security update, depending on customer needs.</p>
<p>Please see the <strong>Mitigations</strong> and <strong>Workaround</strong> sections for important information about steps you can take to protect your system from this vulnerability.</p>
<p><strong>UPDATE</strong> September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system.</p>
Max CVSS
8.8
EPSS Score
96.87%
Published
2021-09-15
Updated
2023-12-28
CISA KEV Added
2021-11-03
CVE-2021-38648
Known exploited
Public exploit
Open Management Infrastructure Elevation of Privilege Vulnerability
Max CVSS
7.8
EPSS Score
96.24%
Published
2021-09-15
Updated
2023-12-28
CISA KEV Added
2021-11-03
CVE-2021-38647
Known exploited
Public exploit
Used for ransomware
Open Management Infrastructure Remote Code Execution Vulnerability
Max CVSS
9.8
EPSS Score
97.47%
Published
2021-09-15
Updated
2023-12-28
CISA KEV Added
2021-11-03
CVE-2021-36942
Known exploited
Public exploit
Used for ransomware
Windows LSA Spoofing Vulnerability
Max CVSS
7.5
EPSS Score
85.29%
Published
2021-08-12
Updated
2023-12-28
CISA KEV Added
2021-11-03
CVE-2021-34527
Known exploited
Public exploit
Used for ransomware
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
<p>UPDATE July 7, 2021: The security update for Windows Server 2012, Windows Server 2016 and Windows 10, Version 1607 have been released. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability.</p>
<p>In addition to installing the updates, in order to secure your system, you must confirm that the following registry settings are set to 0 (zero) or are not defined (<strong>Note</strong>: These registry keys do not exist by default, and therefore are already at the secure setting.), also that your Group Policy setting are correct (see FAQ):</p>
<ul>
<li>HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Printers\PointAndPrint</li>
<li>NoWarningNoElevationOnInstall = 0 (DWORD) or not defined (default setting)</li>
<li>UpdatePromptSettings = 0 (DWORD) or not defined (default setting)</li>
</ul>
<p><strong>Having NoWarningNoElevationOnInstall set to 1 makes your system vulnerable by design.</strong></p>
<p>UPDATE July 6, 2021: Microsoft has completed the investigation and has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. If you are unable to install these updates, see the FAQ and Workaround sections in this CVE for information on how to help protect your system from this vulnerability. See also <a href="https://support.microsoft.com/topic/31b91c02-05bc-4ada-a7ea-183b129578a7">KB5005010: Restricting installation of new printer drivers after applying the July 6, 2021 updates</a>.</p>
<p>Note that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527.</p>
Max CVSS
9.0
EPSS Score
96.69%
Published
2021-07-02
Updated
2024-02-02
CISA KEV Added
2021-11-03
CVE-2021-34523
Known exploited
Public exploit
Used for ransomware
Microsoft Exchange Server Elevation of Privilege Vulnerability
Max CVSS
9.8
EPSS Score
78.22%
Published
2021-07-14
Updated
2024-02-13
CISA KEV Added
2021-11-03
CVE-2021-34473
Known exploited
Public exploit
Used for ransomware
Microsoft Exchange Server Remote Code Execution Vulnerability
Max CVSS
10.0
EPSS Score
97.32%
Published
2021-07-14
Updated
2023-12-28
CISA KEV Added
2021-11-03
11518 vulnerabilities found
1
2
3
4
5
6 ......
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461