Bruce Monroe

Name of the Vulnerable Software and Affected Versions: Das U-Boot versions prior to 2021.04-rc2 Description: The issue concerns the boot loader in Das U-Boot, which mishandles a modified FIT. Recommendations: For versions prior to 2021.04-rc2, update to version 2021.04-rc2 or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Das U-Boot versions prior to 2021.04-rc2 Description: The boot loader in Das U-Boot mishandles use of unit addresses in a FIT. Recommendations: For versions prior to 2021.04-rc2, update to version 2021.04-rc2 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Windows Defender versions on Windows 8 and Windows RT **Description** The issue is related to the Microsoft Antimalware Client in Windows Defender, which uses an incorrect pathname for MsMpEng.exe. This allows local users to gain privileges via a crafted application. **Recommendations** For Windows Defender on Windows 8 and Windows RT, at the moment, there is no information about a newer version that contains a fix for this vulnerability.