Danny Odler

**Name of the Vulnerable Software and Affected Versions** Microsoft Message Queuing (MSMQ) (affected versions not specified) **Description** The issue is related to insufficient access restrictions in Microsoft Message Queuing (MSMQ) in Microsoft Windows operating systems. Exploitation of this issue may allow an attacker to elevate their privileges. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Event Tracing for Windows (affected versions not specified) **Description** The issue is related to synchronization errors when using a shared resource in the Event Tracing service for Microsoft Windows operating systems. This can allow an attacker to disclose protected information. The vulnerability enables attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** AMD processors (affected versions not specified) **Description** The issue is related to improper handling of pointers in the System Management Mode (SMM) handling code, which may allow a privileged attacker with physical or administrative access to manipulate the AMD Generic Encapsulated Software Architecture (AGESA) and execute arbitrary code undetected by the operating system. This could potentially lead to control over the UEFI firmware, resulting in full access to the system. The attack requires either physical access to the equipment or administrative access to the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.