Conor Mcerlane

**Name of the Vulnerable Software and Affected Versions** Oracle VM VirtualBox versions prior to 5.2.44 Oracle VM VirtualBox versions prior to 6.0.24 Oracle VM VirtualBox versions prior to 6.1.12 **Description** The issue is related to insufficient access control in the Core component of Oracle VM VirtualBox, allowing a highly privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise it. Successful attacks can result in the takeover of Oracle VM VirtualBox and may significantly impact additional products. **Recommendations** For Oracle VM VirtualBox versions prior to 5.2.44, update to version 5.2.44 or later. For Oracle VM VirtualBox versions prior to 6.0.24, update to version 6.0.24 or later. For Oracle VM VirtualBox versions prior to 6.1.12, update to version 6.1.12 or later.

**Name of the Vulnerable Software and Affected Versions** Windows Error Reporting (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows Error Reporting service, which can be exploited to elevate privileges. This allows an attacker to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.