Roi Mallo

**Name of the Vulnerable Software and Affected Versions** Windows Server 2012 R2 Windows RT 8.1 Windows Server 2012 Windows Server 2016 Windows 8.1 Windows 10 Windows 10 Servers **Description** The issue is related to an elevation of privilege vulnerability that occurs when Windows improperly handles objects in memory and incorrectly maps kernel memory. This can be exploited by an attacker using a specially crafted application to elevate their privileges. **Recommendations** For Windows Server 2012 R2, update to a version that includes the fix for this issue. For Windows RT 8.1, update to a version that includes the fix for this issue. For Windows Server 2012, update to a version that includes the fix for this issue. For Windows Server 2016, update to a version that includes the fix for this issue. For Windows 8.1, update to a version that includes the fix for this issue. For Windows 10, update to a version that includes the fix for this issue. For Windows 10 Servers, update to a version that includes the fix for this issue.

**Name of the Vulnerable Software and Affected Versions** HP Data Protector Media Operations versions 6.11 and earlier **Description** The issue allows remote attackers to execute arbitrary code via a crafted request containing a large value in a length field. **Recommendations** For versions 6.11 and earlier, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Apple QuickTime versions prior to 7.7 **Description** A heap-based buffer overflow issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted GIF file. **Recommendations** For Apple QuickTime versions prior to 7.7, update to version 7.7 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** HP Data Protector Manager version 6.11 **Description** The issue allows remote attackers to cause a denial of service, resulting in a crash of the RDS service, by sending a packet with a large data size to TCP port 1530. **Recommendations** For HP Data Protector Manager version 6.11, consider restricting access to TCP port 1530 to minimize the risk of exploitation. As a temporary workaround, limiting the size of incoming data packets may help prevent the denial of service.