CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
52.8%
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, cause denial of service, obtain sensitive information.
Below is a complete list of vulnerabilities:
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
CVE-2024-30010 critical
CVE-2024-30025 critical
CVE-2024-30015 critical
CVE-2024-30009 critical
CVE-2024-30028 critical
CVE-2024-30019 high
CVE-2024-30039 high
CVE-2024-30031 critical
CVE-2024-30024 critical
CVE-2024-30016 high
CVE-2024-30011 high
CVE-2024-30049 critical
CVE-2024-30014 critical
CVE-2024-30027 critical
CVE-2024-30050 high
CVE-2024-30038 critical
CVE-2024-30037 critical
CVE-2024-30022 critical
CVE-2024-29996 critical
CVE-2024-30029 critical
CVE-2024-30006 critical
CVE-2024-30023 critical
CVE-2024-30036 high
CVE-2024-30020 critical
CVE-2024-30030 critical
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
support.microsoft.com/kb/5037778
support.microsoft.com/kb/5037780
support.microsoft.com/kb/5037800
support.microsoft.com/kb/5037803
support.microsoft.com/kb/5037823
support.microsoft.com/kb/5037836
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-29996
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30006
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30009
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30010
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30011
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30014
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30015
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30016
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30019
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30020
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30022
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30023
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30024
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30025
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30027
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30028
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30029
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30030
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30031
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30036
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30037
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30038
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30039
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30049
msrc.microsoft.com/update-guide/vulnerability/CVE-2024-30050
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/