Yanzishuang

Name of the Vulnerable Software and Affected Versions: Windows Shell (affected versions not specified) Description: A numeric truncation error in Windows Shell allows an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows DWM Core Library (affected versions not specified) Description: The issue is related to improper input validation, which allows an authorized attacker to elevate privileges locally. This can affect the system, potentially leading to unauthorized access or control. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Core Messaging (affected versions not specified) Description: The issue is related to an elevation of privileges in Windows Core Messaging, which is associated with a buffer overflow in dynamic memory. This could allow an attacker to elevate their privileges. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Core Messaging (affected versions not specified) Description: An elevation-of-privilege issue affects the system, allowing attackers to exploit it. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where this issue was exploited. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Windows Core Messaging (affected versions not specified) Description: An elevation-of-privilege issue affects the system, allowing attackers to elevate their privileges. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an integer overflow in the DHCP Server Service of Windows operating systems. It allows a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient input validation in the DHCP Server Service of Windows operating systems. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient input validation in the DHCP Server Service of Windows operating systems. This can be exploited by a remote attacker to cause a denial of service. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to an information disclosure vulnerability in the DHCP server service of Windows operating systems. It allows a remote attacker to disclose protected information. The vulnerability can be exploited by attackers to obtain sensitive information and potentially affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows DHCP Server Service (affected versions not specified) **Description** The vulnerability is related to insufficient protection of service data in the Windows DHCP Server Service, which can be exploited by a remote attacker to gain unauthorized access to protected information. It allows attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows DHCP Server Service (affected versions not specified) **Description** The issue is related to an information disclosure vulnerability in the DHCP Server Service of Windows operating systems. This vulnerability can be exploited by a remote attacker to disclose protected information. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. Technical details about exploitation include the potential for attackers to obtain sensitive information and affect the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows versions 2008 R2 SP1 through 2019 **Description** The issue is related to insufficient input validation in the Windows DHCP server service, allowing remote attackers to execute arbitrary code. This can be achieved through remote procedure calls. The estimated number of potentially affected devices is not specified. **Recommendations** For Windows versions 2008 R2 SP1 through 2019, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to the DHCP server service until a patch is available. Avoid using remote procedure calls to the DHCP server service until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Win32 Kernel Subsystem (affected versions not specified) **Description** The issue is related to insufficient access control in the Windows Win32 Kernel Subsystem, allowing an attacker to elevate their privileges. This can impact the system, potentially enabling unauthorized actions. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is caused by synchronization errors when using a shared resource in the Advanced Local Procedure Call (ALPC) handler of the Windows operating system. This can allow an attacker to elevate their privileges. The estimated number of potentially affected devices and details about real-world incidents are not provided. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows (affected versions not specified) **Description** The issue is related to insufficient access control in the Microsoft Windows operating system kernel, allowing an attacker to elevate their privileges. This can enable an attacker to impact the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Kernel (affected versions not specified) **Description** The issue is related to an elevation of privilege vulnerability in the Windows Kernel, associated with inadequate access control. Exploitation of this issue may allow an attacker to elevate their privileges. The vulnerability can be exploited by attackers to impact the system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Windows (affected versions not specified) Windows 10 versions prior to February 2021 **Description** A memory buffer overflow and type confusion issue exists in the Win32k component of the Windows kernel. During the execution of the `NtUserCreateWindowEx()` function, an attacker can abuse a user-mode callback to confuse the `win32k.sys` driver regarding the `cbWndExtra` and `pExtraBytes` fields. This allows the `SetWindowLongPtr()` function to be used as an arbitrary kernel read/write primitive, enabling an attacker to overwrite the current process token with the SYSTEM token to gain full privileges. This issue has been actively exploited in the wild by the APT Bitter group and integrated into the Disco malware framework to facilitate privilege escalation. It was also observed in attacks targeting medical institutions to deploy cryptocurrency miners. **Recommendations** Update Windows 10 to the February 2021 security update or a newer version. At the moment, there is no information about a newer version that contains a fix for this vulnerability for other unspecified Windows versions.