Jeongoh Kyea

**Name of the Vulnerable Software and Affected Versions** Windows Kernel Streaming WOW Thunk Service Driver versions prior to the fixed version **Description** The issue is related to a buffer overflow in the dynamic memory of the Kernel Streaming WOW Thunk Service Driver, which can be exploited to elevate privileges. This can be achieved by manipulating the buffer size, followed by a copy operation, allowing an attacker to gain SYSTEM-level privileges. The vulnerability is caused by an integer overflow in the ksthunk.sys driver. A publicly available exploit exists, and it has been reported that the vulnerability might still be a 0-day exploit. **Recommendations** For Windows Kernel Streaming WOW Thunk Service Driver, update to a version that includes the fix for this issue. As a temporary workaround, consider disabling the `CKSAutomationThunk::ThunkEnableEventIrp` function in the ksthunk.sys driver until a patch is available. Restrict access to the ksthunk.sys driver to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Windows Installer (affected versions not specified) **Description** The issue is related to synchronization errors when using a shared resource in the Windows operating system. It allows an attacker to elevate privileges in the system. This is an elevation-of-privilege issue that can affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows NTLM Security Support Provider (affected versions not specified) **Description** The issue is related to the implementation of the NTLM Security Support Provider protocol in the Windows operating system, which lacks protection for service data. This can allow a remote attacker to gain unauthorized access to protected information. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Print Spooler (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows Print Spooler, which can be exploited to elevate privileges. This could allow an attacker to affect the system. No information is provided about the estimated number of potentially affected devices or real-world incidents. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Installer (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows Installer component of Windows operating systems. It allows an attacker to potentially elevate their privileges. The vulnerability can be exploited to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue is related to the DiagTrack service in Microsoft Windows, which has insufficient access restrictions. This can be exploited by an attacker to elevate their privileges using a specially crafted link. It is an elevation-of-privilege vulnerability that allows attackers to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows NTFS (affected versions not specified) **Description** The issue is related to insecure privilege management in the Windows NTFS file system, allowing an attacker to elevate their privileges. This can affect the system, potentially leading to unauthorized access or control. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Windows InstallService, which is caused by insecure privilege management. This vulnerability can be exploited to allow an attacker to elevate their privileges. The vulnerability may also be related to a Time-Of-Check Time-Of-Use (TOCTOU) denial-of-service issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Print Spooler (affected versions not specified) **Description** The issue is related to insufficient access restrictions in the Windows Print Spooler component of the Windows operating system. Exploitation of this issue may allow an attacker to elevate their privileges. It is described as an elevation-of-privilege vulnerability that enables attackers to impact the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient access control in the Win32k component of Windows operating systems, which can be exploited to elevate privileges using a specially crafted application. This can allow an attacker to affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) **Description** The issue is related to insufficient access control in the WalletService of Microsoft Windows operating systems. It allows an attacker to elevate their privileges, potentially affecting the system. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Windows InstallService component, which is caused by errors in privilege management. Exploitation of this issue may allow an attacker to elevate their privileges using a specially crafted application. It affects the system and allows attackers to gain elevated access. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows AppX Deployment Extensions (affected versions not specified) **Description** The issue is related to insufficient access restrictions in Windows AppX Deployment Extensions, allowing an attacker to potentially elevate their privileges. This could affect the system, but specific details about the number of potentially affected devices or real-world incidents are not provided. The vulnerability is associated with a privilege escalation risk. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Print Spooler (affected versions not specified) Description: The issue is related to insufficient access control in the Windows Print Spooler service, allowing an attacker to elevate their privileges. This can impact the system, potentially leading to privilege escalation. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Print Spooler (affected versions not specified) Description: The issue is related to the Windows Print Spooler and involves insecure privilege management. It allows an attacker to elevate their privileges, potentially affecting the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Mobile Device Management (MDM) Diagnostics (affected versions not specified) **Description** The issue is related to an information disclosure problem when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions. This can allow an attacker to obtain sensitive information using a specially crafted application. The vulnerability is associated with a lack of protection for service data, which can be exploited to gain unauthorized access to protected information. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to errors in file operation handling in the Microsoft Store Install Service of Windows operating systems. It allows an attacker to potentially elevate their privileges using a specially crafted application. The vulnerability can be exploited to impact the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insecure privilege management in the Connected User Experience and Telemetry Service of Windows operating systems. It allows an attacker to overwrite files in arbitrary locations using a specially crafted application. This is an elevation-of-privilege issue that can affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows AppX Deployment Server (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Windows AppX Deployment Server, which improperly handles file operations. To exploit this, an attacker must first gain execution on the victim system. This can potentially allow an attacker to elevate their privileges using a specially crafted application. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.