Immortalp0Ny

**Name of the Vulnerable Software and Affected Versions** Windows NTFS (affected versions not specified) **Description** A heap-based buffer overflow exists in Windows NTFS that could allow an authorized attacker to execute code locally. Remote attackers may be able to execute arbitrary code and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows NTFS (affected versions not specified) Description: A stack-based buffer overflow exists in Windows NTFS that could allow a local attacker to execute code. The vulnerability may also allow remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows DWM Core Library versions prior to the fixed version **Description** The issue is related to an elevation of privilege vulnerability in the Windows DWM Core Library, which can be exploited to allow an attacker to gain system-level privileges. This vulnerability is associated with the indirect bypass of the process check about DWM of NtDCompositionDuplicateHandleToProcess, leading to a kernel arbitrary address write. The vulnerability affects all current versions of Windows, including Windows 10, 11, and server editions. Microsoft has released security updates to patch this vulnerability. **Recommendations** For Windows DWM Core Library versions prior to the fixed version, apply the security update released by Microsoft to patch the vulnerability. As a temporary workaround, consider restricting access to the DWM Core Library until the patch is applied. Avoid using the NtDCompositionDuplicateHandleToProcess function in the affected library until the issue is resolved.