Analysis Summary

CVE-2024-38100 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the File Explorer component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-37978 CVSS:8

Microsoft Windows could allow a remote attacker to bypass security restrictions, cause by a flaw in the Secure Boot component. An attacker could exploit this vulnerability to bypass security feature to cause impact on confidentiality, integrity and availability.

CVE-2024-38074 CVSS:9.8

Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Remote Desktop Licensing Service component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38044 CVSS:7.2

Microsoft Windows could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a flaw in the DHCP Server Service component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-37972 CVSS:8

Microsoft Windows could allow a remote attacker to bypass security restrictions, cause by a flaw in the Secure Boot component. An attacker could exploit this vulnerability to bypass security feature to cause impact on confidentiality, integrity and availability.

CVE-2024-38033 CVSS:7.3

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the PowerShell component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38069 CVSS:7

Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, cause by a flaw in the Enroll Engine component. An attacker could exploit this vulnerability to bypass security feature to cause impact on confidentiality, integrity and availability.

CVE-2024-38079 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Graphics component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-37986 CVSS:8

Microsoft Windows could allow a remote attacker to bypass security restrictions, cause by a flaw in Secure Boot component. An attacker could exploit this vulnerability to bypass security feature to cause impact on confidentiality, integrity and availability.

CVE-2024-38052 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Kernel Streaming WOW Thunk Service Driver component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38065 CVSS:6.8

Microsoft Windows could allow a physical attacker to bypass security restrictions, cause by a flaw in the Secure Boot component. An attacker could exploit this vulnerability to bypass security feature to cause impact on confidentiality, integrity and availability.

CVE-2024-30071 CVSS:4.7

Microsoft Windows Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Remote Access Connection Manager component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.

CVE-2024-38061 CVSS:7.5

Microsoft Windows could allow a remote authenticated attacker to gain elevated privileges on the system, caused by a flaw in the DCOM Remote Cross-Session Activation component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38076 CVSS:9.8

Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Remote Desktop Licensing Service component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-38053 CVSS:8.8

Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by a flaw in the Layer-2 Bridge Network Driver component. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2024-37984 CVSS:8.4

Microsoft Windows could allow a local authenticated attacker to bypass security restrictions, cause by a flaw in the Secure Boot component. An attacker could exploit this vulnerability to bypass security feature to cause impact on confidentiality, integrity and availability.

CVE-2024-3596 CVSS:7.5

Microsoft Windows could allow a remote authenticated attacker to conduct spoofing attacks.

CVE-2024-38027 CVSS:6.5

Microsoft Windows is vulnerable to a denial of service, caused by a flaw in the Line Printer Daemon Service component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-38071 CVSS:7.5

Microsoft Windows is vulnerable to a denial of service, caused by a use-after-free flaw in the Remote Desktop Licensing Service component. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.

CVE-2024-38034 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Filtering Platform component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38041 CVSS:5.5

Microsoft Windows could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the Kernel component. By executing a specially crafted program, an attacker could exploit this vulnerability to obtain sensitive information and then use this information to launch further attacks against the affected system.

CVE-2024-38085 CVSS:7.8

Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in the Graphics component. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

CVE-2024-38080 CVSS:7.8

Microsoft Windows Hyper-V could allow a local authenticated attacker to gain elevated privileges on the system. By executing a specially crafted program, an authenticated attacker could exploit this vulnerability to execute arbitrary code with higher privileges.

Impact

• Denial of Service
• Gain Access
• Code Execution
• Security Bypass
• Privilege Escalation
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2024-38100
• CVE-2024-37978
• CVE-2024-38074
• CVE-2024-38044
• CVE-2024-37972
• CVE-2024-38033
• CVE-2024-38069
• CVE-2024-38079
• CVE-2024-37986
• CVE-2024-38052
• CVE-2024-38065
• CVE-2024-30071
• CVE-2024-38061
• CVE-2024-38076
• CVE-2024-38053
• CVE-2024-37984
• CVE-2024-3596
• CVE-2024-38027
• CVE-2024-38071
• CVE-2024-38034
• CVE-2024-38041
• CVE-2024-38085
• CVE-2024-38080

Affected Vendors

Remediation

Use Microsoft Automatic Update to apply the appropriate patch for your system, or the Microsoft Security Update Guide to search for available patches.

CVE-2024-38100

CVE-2024-37978

CVE-2024-38074

CVE-2024-38044

CVE-2024-37972

CVE-2024-38033

CVE-2024-38069

CVE-2024-38079

CVE-2024-37986

CVE-2024-38052

CVE-2024-38065

CVE-2024-30071

CVE-2024-38061

CVE-2024-38076

CVE-2024-38053

CVE-2024-37984

CVE-2024-3596

CVE-2024-38027

CVE-2024-38071

CVE-2024-38034

CVE-2024-38041

CVE-2024-38085

CVE-2024-38080