Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-22015: Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.

Microsoft Security Response Center
#vulnerability#web#windows#Windows Remote Desktop#Security Vulnerability
CVE-2022-22011: Windows Graphics Component Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** Exploiting this vulnerability could allow the disclosure of initialized or uninitialized memory in the process heap.

CVE-2022-29113: Windows Digital Media Receiver Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2022-26937: Windows Network File System Remote Code Execution Vulnerability

Mitigation refers to a setting, common configuration, or general best-practice, existing in a default state, that could reduce the severity of exploitation of a vulnerability. The following mitigating factors might be helpful in your situation: This vulnerability is not exploitable in NFSV4.1. Prior to updating your version of Windows that protects against this vulnerability, you can mitigate an attack by disabling NFSV2 and NFSV3. This may adversely affect your ecosystem and should only be used as a temporary mitigation. The following PowerShell command will disable those versions: PS C:\Set-NfsServerConfiguration -EnableNFSV2 $false -EnableNFSV3 $false After this, you will need to restart NFS server or reboot the machine. To restart NFS server, start a **cmd** window with **Run as Administrator**, enter the following commands: * **nfsadmin server stop** * **nfsadmin server start** To confirm that NFSv2 and NFSv3 have been turned off, run the following command in a Powershe...

CVE-2022-29134: Windows Clustered Shared Volume Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.

CVE-2022-29115: Windows Fax Service Remote Code Execution Vulnerability

**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** Exploitation of the vulnerability requires that a user import a specially crafted contact record and sends it a FAX.

CVE-2022-26931: Windows Kerberos Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to prepare the target environment to improve exploit reliability.

CVE-2022-29140: Windows Print Spooler Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is unauthorized file system access - reading from the file system.

CVE-2022-29133: Windows Kernel Elevation of Privilege Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

CVE-2022-29122: Windows Clustered Shared Volume Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.