CVE-2024-43552: Windows Shell Remote Code Execution Vulnerability

CVE-2024-43590: Visual C++ Redistributable Installer Elevation of Privilege Vulnerability

CVE-2024-43572: Microsoft Management Console Remote Code Execution Vulnerability

CVE-2024-43561: Windows Mobile Broadband Driver Denial of Service Vulnerability

CVE-2024-43558: Windows Mobile Broadband Driver Denial of Service Vulnerability

**How could an attacker exploit this vulnerability?**

An attacker could exploit the vulnerability by tricking an authenticated user (UI:R) into attempting to connect to a malicious SQL server database via a connection driver (for example: OLE DB or OLEDB as applicable). This could result in the database returning malicious data that could cause arbitrary code execution on the client.

Headline

CVE-2024-30077: Windows OLE Remote Code Execution Vulnerability

Microsoft Security Response Center: Latest News