Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2024-38099: Windows Remote Desktop Licensing Service Denial of Service Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to possess advanced reverse engineering skills to identify and gain unauthorized access to specific remote procedure call (RPC) endpoints.

Microsoft Security Response Center
#vulnerability#windows#dos#auth#Windows Remote Desktop Licensing Service#Security Vulnerability
CVE-2024-38076: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

The following mitigation may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as possible even if you plan to leave Remote Desktop Licensing Service disabled: **1\. Disable Remote Desktop Licensing Service if is not required.** If you no longer need this service on your system, consider disabling it as a security best practice. Disabling unused and unneeded services helps reduce your exposure to security vulnerabilities.

CVE-2024-38074: Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** An attacker could send a specially crafted packet to a server set up as a Remote Desktop Licensing server, which will cause remote code execution.

CVE-2024-38053: Windows Layer-2 Bridge Network Driver Remote Code Execution Vulnerability

**According to the CVSS score, the attack vector is adjacent (AV:A). What does this mean for this vulnerability?** This attack is limited to systems connected to the same network segment as the attacker. The attack cannot be performed across multiple networks (for example, a WAN) and would be limited to systems on the same network switch or virtual network.

CVE-2024-38073: Windows Remote Desktop Licensing Service Denial of Service Vulnerability

**According to the CVSS metric, successful exploitation of this vulnerability could lead to total loss of availability (A:H)? What does that mean for this vulnerability?** An attacker could impact availability of the service resulting in Denial of Service (DoS).

CVE-2024-38070: Windows LockDown Policy (WLDP) Security Feature Bypass Vulnerability

**What kind of security feature could be bypassed by successfully exploiting this vulnerability?** An attacker who successfully exploited this vulnerability could bypass the execution policy for the Windows LockDown Policy (WLDP) for the WDAC API.

CVE-2024-38050: Windows Workstation Service Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** If successfully exploited, this vulnerability could case attacker-controlled data on the heap to overwrite critical structures of the service, leading to arbitrary memory write or control flow hijacking, resulting in privilege escalation

CVE-2024-38079: Windows Graphics Component Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2024-38066: Windows Win32k Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2024-38069: Windows Enroll Engine Security Feature Bypass Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment and take additional actions prior to exploitation to prepare the target environment.