KEV category

Windows KEV entries for small business

KEV entries affecting Microsoft Windows — the operating system your workstations and servers run, where your line-of-business software (accounting, document management, practice management) lives. Exploitation gives an attacker access to that machine: client files, stored credentials, and the local network it's on. Updated daily from the CISA KEV catalog.

Updated 15 hours ago. 174 entries in this category. All SMB-relevant entries.

CVE-2008-4250Patch this week
Microsoft Windows Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.
Added to KEV May 20, 2026 · Microsoft Windows
CVE-2026-32202Monitor
Microsoft Windows Protection Mechanism Failure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
Added to KEV Apr 28, 2026 · Microsoft Windows
CVE-2025-60710Plan to patch
Microsoft Windows Link Following Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains a link following vulnerability that allows for privilege escalation
Added to KEV Apr 13, 2026 · Microsoft Windows
CVE-2023-36424Plan to patch
Microsoft Windows Out-of-Bounds Read Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation
Added to KEV Apr 13, 2026 · Microsoft Windows
CVE-2008-0015Plan to patch
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
Added to KEV Feb 17, 2026 · Microsoft Windows
CVE-2026-21513Plan to patch
Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-21525Monitor
Microsoft Windows NULL Pointer Dereference Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-21510Plan to patch
Microsoft Windows Shell Protection Mechanism Failure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-21533Plan to patch
Microsoft Windows Improper Privilege Management Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-21519Plan to patch
Microsoft Windows Type Confusion Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-20805Monitor
Microsoft Windows Information Disclosure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized attacker to disclose information locally.
Added to KEV Jan 13, 2026 · Microsoft Windows
CVE-2025-62221Plan to patch
Microsoft Windows Use After Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.
Added to KEV Dec 9, 2025 · Microsoft Windows
CVE-2025-62215Plan to patch
Microsoft Windows Race Condition Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges to escalate privileges. Successful exploitation of this vulnerability could enable the attacker to gain SYSTEM-level access.
Added to KEV Nov 12, 2025 · Microsoft Windows
CVE-2025-59287Patch this week
Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution.
Added to KEV Oct 24, 2025 · Microsoft Windows
CVE-2025-33073Plan to patch
Microsoft Windows SMB Client Improper Access Control Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalation. An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate.
Added to KEV Oct 20, 2025 · Microsoft Windows
CVE-2025-24990Plan to patch
Microsoft Windows Untrusted Pointer Dereference Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Agere Modem Driver contains an untrusted pointer dereference vulnerability that allows for privilege escalation. An attacker who successfully exploited this vulnerability could gain administrator privileges.
Added to KEV Oct 14, 2025 · Microsoft Windows
CVE-2025-59230Plan to patch
Microsoft Windows Improper Access Control Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an improper access control vulnerability in Windows Remote Access Connection Manager which could allow an authorized attacker to elevate privileges locally.
Added to KEV Oct 14, 2025 · Microsoft Windows
CVE-2021-43226Plan to patch
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.
Added to KEV Oct 6, 2025 · Microsoft Windows
CVE-2013-3918Plan to patch
Microsoft Windows Out-of-Bounds Write Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX control, icardie.dll. An attacker could exploit the vulnerability by constructing a specially crafted webpage. When a user views the webpage, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
Added to KEV Oct 6, 2025 · Microsoft Windows
CVE-2011-3402Plan to patch
Microsoft Windows Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers that allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page.
Added to KEV Oct 6, 2025 · Microsoft Windows
CVE-2025-33053Plan to patch
Microsoft Windows External Control of File Name or Path Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files.
Added to KEV Jun 10, 2025 · Microsoft Windows
CVE-2025-32709Plan to patch
Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-30397Plan to patch
Microsoft Windows Scripting Engine Type Confusion Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-32706Plan to patch
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-32701Plan to patch
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-30400Plan to patch
Microsoft Windows DWM Core Library Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-24054Monitor
Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.
Added to KEV Apr 17, 2025 · Microsoft Windows
CVE-2025-29824Known ransomware usePatch now
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV Apr 8, 2025 · Microsoft Windows
CVE-2025-24993Plan to patch
Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-24991Monitor
Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-24985Plan to patch
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-24984Monitor
Microsoft Windows NTFS Information Disclosure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-24983Plan to patch
Microsoft Windows Win32k Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-26633Known ransomware usePatch now
Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to bypass a security feature locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2018-8639Known ransomware usePatch now
Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authenticated privilege escalation. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Added to KEV Mar 3, 2025 · Microsoft Windows
CVE-2025-21418Plan to patch
Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.
Added to KEV Feb 11, 2025 · Microsoft Windows
CVE-2025-21391Plan to patch
Microsoft Windows Storage Link Following Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.
Added to KEV Feb 11, 2025 · Microsoft Windows
CVE-2025-21335Plan to patch
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.
Added to KEV Jan 14, 2025 · Microsoft Windows
CVE-2025-21334Plan to patch
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.
Added to KEV Jan 14, 2025 · Microsoft Windows
CVE-2025-21333Plan to patch
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges.
Added to KEV Jan 14, 2025 · Microsoft Windows
CVE-2024-35250Plan to patch
Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges.
Added to KEV Dec 16, 2024 · Microsoft Windows
CVE-2024-49138Plan to patch
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.
Added to KEV Dec 10, 2024 · Microsoft Windows
CVE-2024-43451Monitor
Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an NTLMv2 hash spoofing vulnerability that could result in disclosing a user's NTLMv2 hash to an attacker via a file open operation. The attacker could then leverage this hash to impersonate that user.
Added to KEV Nov 12, 2024 · Microsoft Windows
CVE-2024-49039Known ransomware usePatch now
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.
Added to KEV Nov 12, 2024 · Microsoft Windows
CVE-2024-30088Known ransomware usePatch now
Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation.
Added to KEV Oct 15, 2024 · Microsoft Windows
CVE-2024-43573Monitor
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains an unspecified spoofing vulnerability which can lead to a loss of confidentiality.
Added to KEV Oct 8, 2024 · Microsoft Windows
CVE-2024-43572Plan to patch
Microsoft Windows Management Console Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Management Console contains unspecified vulnerability that allows for remote code execution.
Added to KEV Oct 8, 2024 · Microsoft Windows
CVE-2024-43461Plan to patch
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains a user interface (UI) misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerability was exploited in conjunction with CVE-2024-38112.
Added to KEV Sep 16, 2024 · Microsoft Windows
CVE-2024-38217Monitor
Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.
Added to KEV Sep 10, 2024 · Microsoft Windows
CVE-2024-38014Plan to patch
Microsoft Windows Installer Improper Privilege Management Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.
Added to KEV Sep 10, 2024 · Microsoft Windows
CVE-2024-38107Plan to patch
Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2024-38106Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to win a race condition.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2024-38193Plan to patch
Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2024-38213Monitor
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2024-38178Plan to patch
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2018-0824Plan to patch
Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or script.
Added to KEV Aug 5, 2024 · Microsoft Windows
CVE-2024-38080Plan to patch
Microsoft Windows Hyper-V Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
Added to KEV Jul 9, 2024 · Microsoft Windows
CVE-2024-38112Plan to patch
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.
Added to KEV Jul 9, 2024 · Microsoft Windows
CVE-2024-26169Known ransomware usePatch now
Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
Added to KEV Jun 13, 2024 · Microsoft Windows
CVE-2024-30040Plan to patch
Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.
Added to KEV May 14, 2024 · Microsoft Windows
CVE-2022-38028Plan to patch
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions.
Added to KEV Apr 23, 2024 · Microsoft Windows
CVE-2024-21338Known ransomware usePatch now
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.
Added to KEV Mar 4, 2024 · Microsoft Windows
CVE-2024-21412Known ransomware usePatch now
Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.
Added to KEV Feb 13, 2024 · Microsoft Windows
CVE-2024-21351Plan to patch
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.
Added to KEV Feb 13, 2024 · Microsoft Windows
CVE-2023-36584Monitor
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.
Added to KEV Nov 16, 2023 · Microsoft Windows
CVE-2023-36033Plan to patch
Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 14, 2023 · Microsoft Windows
CVE-2023-36025Plan to patch
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts.
Added to KEV Nov 14, 2023 · Microsoft Windows
CVE-2023-36036Plan to patch
Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges.
Added to KEV Nov 14, 2023 · Microsoft Windows
CVE-2023-28229Plan to patch
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.
Added to KEV Oct 4, 2023 · Microsoft Windows CNG Key Isolation Service
CVE-2023-36884Known ransomware usePatch now
Microsoft Windows Search Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.
Added to KEV Jul 17, 2023 · Microsoft Windows
CVE-2023-32046Plan to patch
Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Jul 11, 2023 · Microsoft Windows
CVE-2023-32049Plan to patch
Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.
Added to KEV Jul 11, 2023 · Microsoft Windows
CVE-2023-36874Plan to patch
Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Jul 11, 2023 · Microsoft Windows
CVE-2023-28252Known ransomware usePatch now
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Apr 11, 2023 · Microsoft Windows
CVE-2019-1388Known ransomware usePatch now
Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.
Added to KEV Apr 7, 2023 · Microsoft Windows
CVE-2023-24880Known ransomware usePatch now
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.
Added to KEV Mar 14, 2023 · Microsoft Windows
CVE-2023-23376Known ransomware usePatch now
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Feb 14, 2023 · Microsoft Windows
CVE-2023-21823Plan to patch
Microsoft Windows Graphic Component Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Feb 14, 2023 · Microsoft Windows
CVE-2023-21674Plan to patch
Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Jan 10, 2023 · Microsoft Windows
CVE-2022-41049Monitor
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.
Added to KEV Nov 14, 2022 · Microsoft Windows
CVE-2022-41091Known ransomware usePatch now
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.
Added to KEV Nov 8, 2022 · Microsoft Windows
CVE-2022-41073Known ransomware usePatch now
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.
Added to KEV Nov 8, 2022 · Microsoft Windows
CVE-2022-41125Plan to patch
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.
Added to KEV Nov 8, 2022 · Microsoft Windows
CVE-2022-41128Plan to patch
Microsoft Windows Scripting Languages Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution.
Added to KEV Nov 8, 2022 · Microsoft Windows
CVE-2022-41033Plan to patch
Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Oct 11, 2022 · Microsoft Windows COM+ Event System Service
CVE-2010-2568Plan to patch
Microsoft Windows Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.
Added to KEV Sep 15, 2022 · Microsoft Windows
CVE-2022-37969Plan to patch
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Sep 14, 2022 · Microsoft Windows
CVE-2022-21971Plan to patch
Microsoft Windows Runtime Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Runtime contains an unspecified vulnerability that allows for remote code execution.
Added to KEV Aug 18, 2022 · Microsoft Windows
CVE-2022-34713Plan to patch
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application.
Added to KEV Aug 9, 2022 · Microsoft Windows
CVE-2022-22047Plan to patch
Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.
Added to KEV Jul 12, 2022 · Microsoft Windows
CVE-2022-26925Plan to patch
Microsoft Windows LSA Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
Added to KEV Jul 1, 2022 · Microsoft Windows
CVE-2022-30190Known ransomware usePatch now
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.
Added to KEV Jun 14, 2022 · Microsoft Windows
CVE-2012-0151Plan to patch
Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.
Added to KEV Jun 8, 2022 · Microsoft Windows
CVE-2015-6175Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2015-1671Plan to patch
Microsoft Windows Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2014-4148Plan to patch
Microsoft Windows Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2016-3393Plan to patch
Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2016-7256Plan to patch
Microsoft Windows Open Type Font Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2015-0016Plan to patch
Microsoft Windows TS WebProxy Directory Traversal Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2015-1769Monitor
Microsoft Windows Mount Manager Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows Mount Manager component improperly processes symbolic links.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2018-8611Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory.
Added to KEV May 24, 2022 · Microsoft Windows
CVE-2017-0005Plan to patch
Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application.
Added to KEV May 24, 2022 · Microsoft Windows
CVE-2017-8543Patch this week
Microsoft Windows Search Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory.
Added to KEV May 24, 2022 · Microsoft Windows
CVE-2020-1027Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2019-0703Monitor
Microsoft Windows SMB Information Disclosure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which could lead to information disclosure from the server.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2019-0880Plan to patch
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2019-1385Known ransomware usePatch now
Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2019-1130Known ransomware usePatch now
Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2022-26904Plan to patch
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Apr 25, 2022 · Microsoft Windows
CVE-2022-21919Plan to patch
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Apr 25, 2022 · Microsoft Windows
CVE-2022-22718Plan to patch
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.
Added to KEV Apr 19, 2022 · Microsoft Windows
CVE-2022-24521Known ransomware usePatch now
Microsoft Windows CLFS Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Apr 13, 2022 · Microsoft Windows
CVE-2021-34484Plan to patch
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Mar 31, 2022 · Microsoft Windows
CVE-2016-0040Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2021-34486Plan to patch
Microsoft Windows Event Tracing Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2018-8440Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2017-0213Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2015-2426Plan to patch
Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2010-4398Plan to patch
Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2022-21999Known ransomware usePatch now
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.
Added to KEV Mar 25, 2022 · Microsoft Windows
CVE-2018-8414Plan to patch
Microsoft Windows Shell Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.
Added to KEV Mar 25, 2022 · Microsoft Windows
CVE-2017-0146Known ransomware usePatch now
Microsoft Windows SMB Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.
Added to KEV Mar 25, 2022 · Microsoft Windows
CVE-2014-6332Plan to patch
Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.
Added to KEV Mar 25, 2022 · Microsoft Windows
CVE-2017-0101Known ransomware usePatch now
Microsoft Windows Transaction Manager Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1405Known ransomware usePatch now
Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1322Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1315Known ransomware usePatch now
Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1253Known ransomware usePatch now
Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1129Known ransomware usePatch now
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1064Known ransomware usePatch now
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-0841Known ransomware usePatch now
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-0543Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2016-3309Known ransomware usePatch now
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2016-0099Known ransomware usePatch now
Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2021-41379Known ransomware usePatch now
Microsoft Windows Installer Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2014-4114Plan to patch
Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2013-5065Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2010-0232Plan to patch
Microsoft Windows Kernel Exception Handler Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2009-1123Plan to patch
Microsoft Windows Improper Input Validation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2004-0210Plan to patch
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2002-0367Plan to patch
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2014-6352Plan to patch
Microsoft Windows Code Injection Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
Added to KEV Feb 25, 2022 · Microsoft Windows
CVE-2018-8174Known ransomware usePatch now
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
Added to KEV Feb 15, 2022 · Microsoft Windows
CVE-2021-36934Plan to patch
Microsoft Windows SAM Local Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.
Added to KEV Feb 10, 2022 · Microsoft Windows
CVE-2017-8464Plan to patch
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file
Added to KEV Feb 10, 2022 · Microsoft Windows
CVE-2020-0787Known ransomware usePatch now
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.
Added to KEV Jan 28, 2022 · Microsoft Windows
CVE-2021-43890Known ransomware usePatch now
Microsoft Windows AppX Installer Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.
Added to KEV Dec 15, 2021 · Microsoft Windows
CVE-2021-40449Known ransomware usePatch now
Microsoft Windows Win32k Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Unspecified vulnerability allows for an authenticated user to escalate privileges.
Added to KEV Nov 17, 2021 · Microsoft Windows
CVE-2021-33771Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-1675Known ransomware usePatch now
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability that allows for remote code execution.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-36955Known ransomware usePatch now
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2014-1812Known ransomware usePatch now
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-31955Monitor
Microsoft Windows Kernel Information Disclosure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-33739Plan to patch
Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2016-0185Plan to patch
Microsoft Windows Media Center Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-0683Plan to patch
Microsoft Windows Installer Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-17087Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-33742Plan to patch
Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-31956Plan to patch
Microsoft Windows NTFS Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-31979Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-0938Plan to patch
Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-0986Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-1020Plan to patch
Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-36948Plan to patch
Microsoft Windows Update Medic Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Update Medic Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2017-0143Known ransomware usePatch now
Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-1464Plan to patch
Microsoft Windows Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-34527Known ransomware usePatch now
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploitation allows an attacker to perform remote code execution with SYSTEM privileges. The vulnerability is also known under the moniker of PrintNightmare.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-1350Patch this week
Microsoft Windows DNS Server Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker of SIGRed.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-36942Known ransomware usePatch now
Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2019-1215Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an unspecified vulnerability due to the way ws2ifsl.sys (Winsock) handles objects in memory, allowing for privilege escalation. Successful exploitation allows an attacker to execute code with elevated privileges.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-34448Monitor
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-0601Plan to patch
Microsoft Windows CryptoAPI Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The vulnerability is also known under the moniker of CurveBall.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2019-1214Plan to patch
Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver improperly handles objects in memory which can allow for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2019-0863Plan to patch
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.
Added to KEV Nov 3, 2021 · Microsoft Windows

KEV category

Windows KEV entries for small business

Updated 15 hours ago. 174 entries in this category. All SMB-relevant entries.

CVE-2008-4250Patch this week
Microsoft Windows Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains a buffer overflow vulnerability in the Windows Server Service that allows remote attackers to execute arbitrary code via a crafted RPC request that triggers an overflow during path canonicalization.
Added to KEV May 20, 2026 · Microsoft Windows
CVE-2026-32202Monitor
Microsoft Windows Protection Mechanism Failure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Shell contains a protection mechanism failure vulnerability that allows an unauthorized attacker to perform spoofing over a network.
Added to KEV Apr 28, 2026 · Microsoft Windows
CVE-2025-60710Plan to patch
Microsoft Windows Link Following Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains a link following vulnerability that allows for privilege escalation
Added to KEV Apr 13, 2026 · Microsoft Windows
CVE-2023-36424Plan to patch
Microsoft Windows Out-of-Bounds Read Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation
Added to KEV Apr 13, 2026 · Microsoft Windows
CVE-2008-0015Plan to patch
Microsoft Windows Video ActiveX Control Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Video ActiveX Control contains a remote code execution vulnerability. An attacker could exploit the vulnerability by constructing a specially crafted Web page. When a user views the Web page, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the logged-on user.
Added to KEV Feb 17, 2026 · Microsoft Windows
CVE-2026-21513Plan to patch
Microsoft MSHTML Framework Protection Mechanism Failure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft MSHTML Framework contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-21525Monitor
Microsoft Windows NULL Pointer Dereference Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Remote Access Connection Manager contains a NULL pointer dereference that could allow an unauthorized attacker to deny service locally.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-21510Plan to patch
Microsoft Windows Shell Protection Mechanism Failure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Shell contains a protection mechanism failure vulnerability that could allow an unauthorized attacker to bypass a security feature over a network.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-21533Plan to patch
Microsoft Windows Improper Privilege Management Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Remote Desktop Services contains an improper privilege management vulnerability that could allow an authorized attacker to elevate privileges locally.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-21519Plan to patch
Microsoft Windows Type Confusion Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Desktop Windows Manager contains a type confusion vulnerability that could allow an authorized attacker to elevate privileges locally.
Added to KEV Feb 10, 2026 · Microsoft Windows
CVE-2026-20805Monitor
Microsoft Windows Information Disclosure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Desktop Windows Manager contains an information disclosure vulnerability that allows an authorized attacker to disclose information locally.
Added to KEV Jan 13, 2026 · Microsoft Windows
CVE-2025-62221Plan to patch
Microsoft Windows Use After Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Cloud Files Mini Filter Driver contains a use after free vulnerability that can allow an authorized attacker to elevate privileges locally.
Added to KEV Dec 9, 2025 · Microsoft Windows
CVE-2025-62215Plan to patch
Microsoft Windows Race Condition Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains a race condition vulnerability that allows a local attacker with low-level privileges to escalate privileges. Successful exploitation of this vulnerability could enable the attacker to gain SYSTEM-level access.
Added to KEV Nov 12, 2025 · Microsoft Windows
CVE-2025-59287Patch this week
Microsoft Windows Server Update Service (WSUS) Deserialization of Untrusted Data Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Server Update Service (WSUS) contains a deserialization of untrusted data vulnerability that allows for remote code execution.
Added to KEV Oct 24, 2025 · Microsoft Windows
CVE-2025-33073Plan to patch
Microsoft Windows SMB Client Improper Access Control Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SMB Client contains an improper access control vulnerability that could allow for privilege escalation. An attacker could execute a specially crafted malicious script to coerce the victim machine to connect back to the attack system using SMB and authenticate.
Added to KEV Oct 20, 2025 · Microsoft Windows
CVE-2025-24990Plan to patch
Microsoft Windows Untrusted Pointer Dereference Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Agere Modem Driver contains an untrusted pointer dereference vulnerability that allows for privilege escalation. An attacker who successfully exploited this vulnerability could gain administrator privileges.
Added to KEV Oct 14, 2025 · Microsoft Windows
CVE-2025-59230Plan to patch
Microsoft Windows Improper Access Control Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an improper access control vulnerability in Windows Remote Access Connection Manager which could allow an authorized attacker to elevate privileges locally.
Added to KEV Oct 14, 2025 · Microsoft Windows
CVE-2021-43226Plan to patch
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System Driver contains a privilege escalation vulnerability that could allow a local, privileged attacker to bypass certain security mechanisms.
Added to KEV Oct 6, 2025 · Microsoft Windows
CVE-2013-3918Plan to patch
Microsoft Windows Out-of-Bounds Write Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX control, icardie.dll. An attacker could exploit the vulnerability by constructing a specially crafted webpage. When a user views the webpage, the vulnerability could allow remote code execution. An attacker who successfully exploited this vulnerability could gain the same user rights as the current user. The impacted product could be end-of-life (EoL) and/or end-of-service (EoS). Users should discontinue product utilization.
Added to KEV Oct 6, 2025 · Microsoft Windows
CVE-2011-3402Plan to patch
Microsoft Windows Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains an unspecified vulnerability in the TrueType font parsing engine in win32k.sys in the kernel-mode drivers that allows remote attackers to execute arbitrary code via crafted font data in a Word document or web page.
Added to KEV Oct 6, 2025 · Microsoft Windows
CVE-2025-33053Plan to patch
Microsoft Windows External Control of File Name or Path Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an external control of file name or path vulnerability that could allow an attacker to execute code from a remote WebDAV location specified by the WorkingDirectory attribute of Internet Shortcut files.
Added to KEV Jun 10, 2025 · Microsoft Windows
CVE-2025-32709Plan to patch
Microsoft Windows Ancillary Function Driver for WinSock Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Ancillary Function Driver for WinSock contains a use-after-free vulnerability that allows an authorized attacker to escalate privileges to administrator.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-30397Plan to patch
Microsoft Windows Scripting Engine Type Confusion Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Scripting Engine contains a type confusion vulnerability that allows an unauthorized attacker to execute code over a network via a specially crafted URL.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-32706Plan to patch
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) Driver contains a heap-based buffer overflow vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-32701Plan to patch
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-30400Plan to patch
Microsoft Windows DWM Core Library Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV May 13, 2025 · Microsoft Windows
CVE-2025-24054Monitor
Microsoft Windows NTLM Hash Disclosure Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows NTLM contains an external control of file name or path vulnerability that allows an unauthorized attacker to perform spoofing over a network.
Added to KEV Apr 17, 2025 · Microsoft Windows
CVE-2025-29824Known ransomware usePatch now
Microsoft Windows Common Log File System (CLFS) Driver Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV Apr 8, 2025 · Microsoft Windows
CVE-2025-24993Plan to patch
Microsoft Windows NTFS Heap-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows New Technology File System (NTFS) contains a heap-based buffer overflow vulnerability that allows an unauthorized attacker to execute code locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-24991Monitor
Microsoft Windows NTFS Out-Of-Bounds Read Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows New Technology File System (NTFS) contains an out-of-bounds read vulnerability that allows an authorized attacker to disclose information locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-24985Plan to patch
Microsoft Windows Fast FAT File System Driver Integer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Fast FAT File System Driver contains an integer overflow or wraparound vulnerability that allows an unauthorized attacker to execute code locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-24984Monitor
Microsoft Windows NTFS Information Disclosure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows New Technology File System (NTFS) contains an insertion of sensitive Information into log file vulnerability that allows an unauthorized attacker to disclose information with a physical attack. An attacker who successfully exploited this vulnerability could potentially read portions of heap memory.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-24983Plan to patch
Microsoft Windows Win32k Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Win32 Kernel Subsystem contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2025-26633Known ransomware usePatch now
Microsoft Windows Management Console (MMC) Improper Neutralization Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Management Console (MMC) contains an improper neutralization vulnerability that allows an unauthorized attacker to bypass a security feature locally.
Added to KEV Mar 11, 2025 · Microsoft Windows
CVE-2018-8639Known ransomware usePatch now
Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Win32k contains an improper resource shutdown or release vulnerability that allows for local, authenticated privilege escalation. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Added to KEV Mar 3, 2025 · Microsoft Windows
CVE-2025-21418Plan to patch
Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Ancillary Function Driver for WinSock contains a heap-based buffer overflow vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.
Added to KEV Feb 11, 2025 · Microsoft Windows
CVE-2025-21391Plan to patch
Microsoft Windows Storage Link Following Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Storage contains a link following vulnerability that could allow for privilege escalation. This vulnerability could allow an attacker to delete data including data that results in the service being unavailable.
Added to KEV Feb 11, 2025 · Microsoft Windows
CVE-2025-21335Plan to patch
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.
Added to KEV Jan 14, 2025 · Microsoft Windows
CVE-2025-21334Plan to patch
Microsoft Windows Hyper-V NT Kernel Integration VSP Use-After-Free Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a use-after-free vulnerability that allows a local attacker to gain SYSTEM privileges.
Added to KEV Jan 14, 2025 · Microsoft Windows
CVE-2025-21333Plan to patch
Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Hyper-V NT Kernel Integration VSP contains a heap-based buffer overflow vulnerability that allows a local attacker to gain SYSTEM privileges.
Added to KEV Jan 14, 2025 · Microsoft Windows
CVE-2024-35250Plan to patch
Microsoft Windows Kernel-Mode Driver Untrusted Pointer Dereference Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel-Mode Driver contains an untrusted pointer dereference vulnerability that allows a local attacker to escalate privileges.
Added to KEV Dec 16, 2024 · Microsoft Windows
CVE-2024-49138Plan to patch
Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains a heap-based buffer overflow vulnerability that allows a local attacker to escalate privileges.
Added to KEV Dec 10, 2024 · Microsoft Windows
CVE-2024-43451Monitor
Microsoft Windows NTLMv2 Hash Disclosure Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an NTLMv2 hash spoofing vulnerability that could result in disclosing a user's NTLMv2 hash to an attacker via a file open operation. The attacker could then leverage this hash to impersonate that user.
Added to KEV Nov 12, 2024 · Microsoft Windows
CVE-2024-49039Known ransomware usePatch now
Microsoft Windows Task Scheduler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Task Scheduler contains a privilege escalation vulnerability that can allow an attacker-provided, local application to escalate privileges outside of its AppContainer, and access privileged RPC functions.
Added to KEV Nov 12, 2024 · Microsoft Windows
CVE-2024-30088Known ransomware usePatch now
Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains a time-of-check to time-of-use (TOCTOU) race condition vulnerability that could allow for privilege escalation.
Added to KEV Oct 15, 2024 · Microsoft Windows
CVE-2024-43573Monitor
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains an unspecified spoofing vulnerability which can lead to a loss of confidentiality.
Added to KEV Oct 8, 2024 · Microsoft Windows
CVE-2024-43572Plan to patch
Microsoft Windows Management Console Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Management Console contains unspecified vulnerability that allows for remote code execution.
Added to KEV Oct 8, 2024 · Microsoft Windows
CVE-2024-43461Plan to patch
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains a user interface (UI) misrepresentation of critical information vulnerability that allows an attacker to spoof a web page. This vulnerability was exploited in conjunction with CVE-2024-38112.
Added to KEV Sep 16, 2024 · Microsoft Windows
CVE-2024-38217Monitor
Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Mark of the Web (MOTW) contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW tagging.
Added to KEV Sep 10, 2024 · Microsoft Windows
CVE-2024-38014Plan to patch
Microsoft Windows Installer Improper Privilege Management Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges.
Added to KEV Sep 10, 2024 · Microsoft Windows
CVE-2024-38107Plan to patch
Microsoft Windows Power Dependency Coordinator Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Power Dependency Coordinator contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to obtain SYSTEM privileges.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2024-38106Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges. Successful exploitation of this vulnerability requires an attacker to win a race condition.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2024-38193Plan to patch
Microsoft Windows Ancillary Function Driver for WinSock Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Ancillary Function Driver for WinSock contains an unspecified vulnerability that allows for privilege escalation, enabling a local attacker to gain SYSTEM privileges.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2024-38213Monitor
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience via a malicious file.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2024-38178Plan to patch
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Scripting Engine contains a memory corruption vulnerability that allows unauthenticated attacker to initiate remote code execution via a specially crafted URL.
Added to KEV Aug 13, 2024 · Microsoft Windows
CVE-2018-0824Plan to patch
Microsoft COM for Windows Deserialization of Untrusted Data Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft COM for Windows contains a deserialization of untrusted data vulnerability that allows for privilege escalation and remote code execution via a specially crafted file or script.
Added to KEV Aug 5, 2024 · Microsoft Windows
CVE-2024-38080Plan to patch
Microsoft Windows Hyper-V Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Hyper-V contains a privilege escalation vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
Added to KEV Jul 9, 2024 · Microsoft Windows
CVE-2024-38112Plan to patch
Microsoft Windows MSHTML Platform Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains a spoofing vulnerability that has a high impact to confidentiality, integrity, and availability.
Added to KEV Jul 9, 2024 · Microsoft Windows
CVE-2024-26169Known ransomware usePatch now
Microsoft Windows Error Reporting Service Improper Privilege Management Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Error Reporting Service contains an improper privilege management vulnerability that allows a local attacker with user permissions to gain SYSTEM privileges.
Added to KEV Jun 13, 2024 · Microsoft Windows
CVE-2024-30040Plan to patch
Microsoft Windows MSHTML Platform Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for a security feature bypass.
Added to KEV May 14, 2024 · Microsoft Windows
CVE-2022-38028Plan to patch
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions.
Added to KEV Apr 23, 2024 · Microsoft Windows
CVE-2024-21338Known ransomware usePatch now
Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains an exposed IOCTL with insufficient access control vulnerability within the IOCTL (input and output control) dispatcher in appid.sys that allows a local attacker to achieve privilege escalation.
Added to KEV Mar 4, 2024 · Microsoft Windows
CVE-2024-21412Known ransomware usePatch now
Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Internet Shortcut Files contains an unspecified vulnerability that allows for a security feature bypass.
Added to KEV Feb 13, 2024 · Microsoft Windows
CVE-2024-21351Plan to patch
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.
Added to KEV Feb 13, 2024 · Microsoft Windows
CVE-2023-36584Monitor
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.
Added to KEV Nov 16, 2023 · Microsoft Windows
CVE-2023-36033Plan to patch
Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 14, 2023 · Microsoft Windows
CVE-2023-36025Plan to patch
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to bypass Windows Defender SmartScreen checks and their associated prompts.
Added to KEV Nov 14, 2023 · Microsoft Windows
CVE-2023-36036Plan to patch
Microsoft Windows Cloud Files Mini Filter Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Cloud Files Mini Filter Driver contains a privilege escalation vulnerability that could allow an attacker to gain SYSTEM privileges.
Added to KEV Nov 14, 2023 · Microsoft Windows
CVE-2023-28229Plan to patch
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain specific limited SYSTEM privileges.
Added to KEV Oct 4, 2023 · Microsoft Windows CNG Key Isolation Service
CVE-2023-36884Known ransomware usePatch now
Microsoft Windows Search Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Search contains an unspecified vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file, leading to remote code execution.
Added to KEV Jul 17, 2023 · Microsoft Windows
CVE-2023-32046Plan to patch
Microsoft Windows MSHTML Platform Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Jul 11, 2023 · Microsoft Windows
CVE-2023-32049Plan to patch
Microsoft Windows Defender SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Defender SmartScreen contains a security feature bypass vulnerability that allows an attacker to bypass the Open File - Security Warning prompt.
Added to KEV Jul 11, 2023 · Microsoft Windows
CVE-2023-36874Plan to patch
Microsoft Windows Error Reporting Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Error Reporting Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Jul 11, 2023 · Microsoft Windows
CVE-2023-28252Known ransomware usePatch now
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Apr 11, 2023 · Microsoft Windows
CVE-2019-1388Known ransomware usePatch now
Microsoft Windows Certificate Dialog Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Certificate Dialog contains a privilege escalation vulnerability, allowing attackers to run processes in an elevated context.
Added to KEV Apr 7, 2023 · Microsoft Windows
CVE-2023-24880Known ransomware usePatch now
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.
Added to KEV Mar 14, 2023 · Microsoft Windows
CVE-2023-23376Known ransomware usePatch now
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Feb 14, 2023 · Microsoft Windows
CVE-2023-21823Plan to patch
Microsoft Windows Graphic Component Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Feb 14, 2023 · Microsoft Windows
CVE-2023-21674Plan to patch
Microsoft Windows Advanced Local Procedure Call (ALPC) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Jan 10, 2023 · Microsoft Windows
CVE-2022-41049Monitor
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.
Added to KEV Nov 14, 2022 · Microsoft Windows
CVE-2022-41091Known ransomware usePatch now
Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Mark of the Web (MOTW) contains a security feature bypass vulnerability resulting in a limited loss of integrity and availability of security features.
Added to KEV Nov 8, 2022 · Microsoft Windows
CVE-2022-41073Known ransomware usePatch now
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.
Added to KEV Nov 8, 2022 · Microsoft Windows
CVE-2022-41125Plan to patch
Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.
Added to KEV Nov 8, 2022 · Microsoft Windows
CVE-2022-41128Plan to patch
Microsoft Windows Scripting Languages Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an unspecified vulnerability in the JScript9 scripting language which allows for remote code execution.
Added to KEV Nov 8, 2022 · Microsoft Windows
CVE-2022-41033Plan to patch
Microsoft Windows COM+ Event System Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows COM+ Event System Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Oct 11, 2022 · Microsoft Windows COM+ Event System Service
CVE-2010-2568Plan to patch
Microsoft Windows Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. An attacker who successfully exploited this vulnerability could execute code as the logged-on user.
Added to KEV Sep 15, 2022 · Microsoft Windows
CVE-2022-37969Plan to patch
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Sep 14, 2022 · Microsoft Windows
CVE-2022-21971Plan to patch
Microsoft Windows Runtime Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Runtime contains an unspecified vulnerability that allows for remote code execution.
Added to KEV Aug 18, 2022 · Microsoft Windows
CVE-2022-34713Plan to patch
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when Microsoft Windows MSDT is called using the URL protocol from a calling application.
Added to KEV Aug 9, 2022 · Microsoft Windows
CVE-2022-22047Plan to patch
Microsoft Windows Client Server Runtime Subsystem (CSRSS) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows CSRSS contains an unspecified vulnerability that allows for privilege escalation to SYSTEM privileges.
Added to KEV Jul 12, 2022 · Microsoft Windows
CVE-2022-26925Plan to patch
Microsoft Windows LSA Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability where an attacker can coerce the domain controller to authenticate to the attacker using NTLM.
Added to KEV Jul 1, 2022 · Microsoft Windows
CVE-2022-30190Known ransomware usePatch now
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when MSDT is called using the URL protocol from a calling application such as Word. An attacker who successfully exploits this vulnerability can run code with the privileges of the calling application.
Added to KEV Jun 14, 2022 · Microsoft Windows
CVE-2012-0151Plan to patch
Microsoft Windows Authenticode Signature Verification Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The Authenticode Signature Verification function in Microsoft Windows (WinVerifyTrust) does not properly validate the digest of a signed portable executable (PE) file, which allows user-assisted remote attackers to execute code.
Added to KEV Jun 8, 2022 · Microsoft Windows
CVE-2015-6175Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The kernel in Microsoft Windows contains a vulnerability that allows local users to gain privileges via a crafted application.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2015-1671Plan to patch
Microsoft Windows Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when components of Windows, .NET Framework, Office, Lync, and Silverlight fail to properly handle TrueType fonts.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2014-4148Plan to patch
Microsoft Windows Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when the Windows kernel-mode driver improperly handles TrueType fonts.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2016-3393Plan to patch
Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2016-7256Plan to patch
Microsoft Windows Open Type Font Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2015-0016Plan to patch
Microsoft Windows TS WebProxy Directory Traversal Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2015-1769Monitor
Microsoft Windows Mount Manager Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows Mount Manager component improperly processes symbolic links.
Added to KEV May 25, 2022 · Microsoft Windows
CVE-2018-8611Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory.
Added to KEV May 24, 2022 · Microsoft Windows
CVE-2017-0005Plan to patch
Microsoft Windows Graphics Device Interface (GDI) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The Graphics Device Interface (GDI) in Microsoft Windows allows local users to gain privileges via a crafted application.
Added to KEV May 24, 2022 · Microsoft Windows
CVE-2017-8543Patch this week
Microsoft Windows Search Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows allows an attacker to take control of the affected system when Windows Search fails to handle objects in memory.
Added to KEV May 24, 2022 · Microsoft Windows
CVE-2020-1027Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2019-0703Monitor
Microsoft Windows SMB Information Disclosure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
An information disclosure vulnerability exists in the way that the Windows SMB Server handles certain requests, which could lead to information disclosure from the server.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2019-0880Plan to patch
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A local elevation of privilege vulnerability exists in how splwow64.exe handles certain calls. An attacker who successfully exploited the vulnerability could elevate privileges on an affected system from low-integrity to medium-integrity.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2019-1385Known ransomware usePatch now
Microsoft Windows AppX Deployment Extensions Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows AppX Deployment Extensions improperly performs privilege management, resulting in access to system files.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2019-1130Known ransomware usePatch now
Microsoft Windows AppX Deployment Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows AppX Deployment Service (AppXSVC) improperly handles hard links.
Added to KEV May 23, 2022 · Microsoft Windows
CVE-2022-26904Plan to patch
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Apr 25, 2022 · Microsoft Windows
CVE-2022-21919Plan to patch
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Apr 25, 2022 · Microsoft Windows
CVE-2022-22718Plan to patch
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation.
Added to KEV Apr 19, 2022 · Microsoft Windows
CVE-2022-24521Known ransomware usePatch now
Microsoft Windows CLFS Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) Driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Apr 13, 2022 · Microsoft Windows
CVE-2021-34484Plan to patch
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Mar 31, 2022 · Microsoft Windows
CVE-2016-0040Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The kernel in Microsoft Windows allows local users to gain privileges via a crafted application.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2021-34486Plan to patch
Microsoft Windows Event Tracing Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Event Tracing contains an unspecified vulnerability which can allow for privilege escalation.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2018-8440Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2017-0213Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows COM Aggregate Marshaler allows for privilege escalation when an attacker runs a specially crafted application.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2015-2426Plan to patch
Microsoft Windows Adobe Type Manager Library Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles specially crafted OpenType fonts.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2010-4398Plan to patch
Microsoft Windows Kernel Stack-Based Buffer Overflow Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows allows local users to gain privileges, and bypass the User Account Control (UAC) feature.
Added to KEV Mar 28, 2022 · Microsoft Windows
CVE-2022-21999Known ransomware usePatch now
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability which can allow for privilege escalation.
Added to KEV Mar 25, 2022 · Microsoft Windows
CVE-2018-8414Plan to patch
Microsoft Windows Shell Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths.
Added to KEV Mar 25, 2022 · Microsoft Windows
CVE-2017-0146Known ransomware usePatch now
Microsoft Windows SMB Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution.
Added to KEV Mar 25, 2022 · Microsoft Windows
CVE-2014-6332Plan to patch
Microsoft Windows Object Linking & Embedding (OLE) Automation Array Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
OleAut32.dll in OLE in Microsoft Windows allows remote attackers to remotely execute code via a crafted web site.
Added to KEV Mar 25, 2022 · Microsoft Windows
CVE-2017-0101Known ransomware usePatch now
Microsoft Windows Transaction Manager Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1405Known ransomware usePatch now
Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1322Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1315Known ransomware usePatch now
Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1253Known ransomware usePatch now
Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1129Known ransomware usePatch now
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-1064Known ransomware usePatch now
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-0841Known ransomware usePatch now
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2019-0543Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2016-3309Known ransomware usePatch now
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode.
Added to KEV Mar 15, 2022 · Microsoft Windows
CVE-2016-0099Known ransomware usePatch now
Microsoft Windows Secondary Logon Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege escalation vulnerability exists in Microsoft Windows if the Windows Secondary Logon Service fails to properly manage request handles in memory. An attacker who successfully exploited this vulnerability could run arbitrary code as an administrator.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2021-41379Known ransomware usePatch now
Microsoft Windows Installer Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2014-4114Plan to patch
Microsoft Windows Object Linking & Embedding (OLE) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A vulnerability exists in Windows Object Linking & Embedding (OLE) that could allow remote code execution if a user opens a file that contains a specially crafted OLE object.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2013-5065Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows NDProxy.sys in the kernel contains an improper input validation vulnerability which can allow a local attacker to escalate privileges.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2010-0232Plan to patch
Microsoft Windows Kernel Exception Handler Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The kernel in Microsoft Windows, when access to 16-bit applications is enabled on a 32-bit x86 platform, does not properly validate certain BIOS calls, which allows local users to gain privileges.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2009-1123Plan to patch
Microsoft Windows Improper Input Validation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
The kernel in Microsoft Windows does not properly validate changes to unspecified kernel objects, which allows local users to gain privileges via a crafted application.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2004-0210Plan to patch
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A privilege elevation vulnerability exists in the POSIX subsystem. This vulnerability could allow a logged on user to take complete control of the system.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2002-0367Plan to patch
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
smss.exe debugging subsystem in Microsoft Windows does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges.
Added to KEV Mar 3, 2022 · Microsoft Windows
CVE-2014-6352Plan to patch
Microsoft Windows Code Injection Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows allow remote attackers to execute arbitrary code via a crafted OLE object.
Added to KEV Feb 25, 2022 · Microsoft Windows
CVE-2018-8174Known ransomware usePatch now
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution"
Added to KEV Feb 15, 2022 · Microsoft Windows
CVE-2021-36934Plan to patch
Microsoft Windows SAM Local Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level.
Added to KEV Feb 10, 2022 · Microsoft Windows
CVE-2017-8464Plan to patch
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file
Added to KEV Feb 10, 2022 · Microsoft Windows
CVE-2020-0787Known ransomware usePatch now
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges.
Added to KEV Jan 28, 2022 · Microsoft Windows
CVE-2021-43890Known ransomware usePatch now
Microsoft Windows AppX Installer Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability.
Added to KEV Dec 15, 2021 · Microsoft Windows
CVE-2021-40449Known ransomware usePatch now
Microsoft Windows Win32k Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Unspecified vulnerability allows for an authenticated user to escalate privileges.
Added to KEV Nov 17, 2021 · Microsoft Windows
CVE-2021-33771Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-1675Known ransomware usePatch now
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability that allows for remote code execution.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-36955Known ransomware usePatch now
Microsoft Windows Common Log File System (CLFS) Driver Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2014-1812Known ransomware usePatch now
Microsoft Windows Group Policy Preferences Password Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Active Directory contains a privilege escalation vulnerability due to the way it distributes passwords that are configured using Group Policy preferences. An authenticated attacker who successfully exploits the vulnerability could decrypt the passwords and use them to elevate privileges on the domain.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-31955Monitor
Microsoft Windows Kernel Information Disclosure Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Kernel contains an unspecified vulnerability that allows for information disclosure. Successful exploitation allows attackers to read the contents of kernel memory from a user-mode process.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-33739Plan to patch
Microsoft Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Desktop Window Manager (DWM) Core Library contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2016-0185Plan to patch
Microsoft Windows Media Center Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Media Center contains a remote code execution vulnerability when Windows Media Center opens a specially crafted Media Center link (.mcl) file that references malicious code.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-0683Plan to patch
Microsoft Windows Installer Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-17087Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-33742Plan to patch
Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows MSHTML Platform contains an unspecified vulnerability that allows for remote code execution.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-31956Plan to patch
Microsoft Windows NTFS Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows New Technology File System (NTFS) contains an unspecified vulnerability that allows attackers to escalate privileges via a specially crafted application.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-31979Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-0938Plan to patch
Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-0986Plan to patch
Microsoft Windows Kernel Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-1020Plan to patch
Microsoft Windows Adobe Font Manager Library Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code execution for all systems except Windows 10. For systems running Windows 10, an attacker who successfully exploited the vulnerability could execute code in an AppContainer sandbox context with limited privileges and capabilities.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-36948Plan to patch
Microsoft Windows Update Medic Service Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Update Medic Service contains an unspecified vulnerability that allows for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2017-0143Known ransomware usePatch now
Microsoft Windows Server Message Block (SMBv1) Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Server Message Block 1.0 (SMBv1) contains an unspecified vulnerability that allows for remote code execution.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-1464Plan to patch
Microsoft Windows Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-34527Known ransomware usePatch now
Microsoft Windows Print Spooler Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Print Spooler contains an unspecified vulnerability due to the Windows Print Spooler service improperly performing privileged file operations. Successful exploitation allows an attacker to perform remote code execution with SYSTEM privileges. The vulnerability is also known under the moniker of PrintNightmare.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-1350Patch this week
Microsoft Windows DNS Server Remote Code Execution Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker of SIGRed.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-36942Known ransomware usePatch now
Microsoft Windows Local Security Authority (LSA) Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Local Security Authority (LSA) contains a spoofing vulnerability allowing an unauthenticated attacker to call a method on the LSARPC interface and coerce the domain controller to authenticate against another server using NTLM.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2019-1215Known ransomware usePatch now
Microsoft Windows Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows contains an unspecified vulnerability due to the way ws2ifsl.sys (Winsock) handles objects in memory, allowing for privilege escalation. Successful exploitation allows an attacker to execute code with elevated privileges.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2021-34448Monitor
Microsoft Windows Scripting Engine Memory Corruption Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Scripting Engine contains an unspecified vulnerability that allows for memory corruption.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2020-0601Plan to patch
Microsoft Windows CryptoAPI Spoofing Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows CryptoAPI (Crypt32.dll) contains a spoofing vulnerability in the way it validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source. A successful exploit could also allow the attacker to conduct man-in-the-middle attacks and decrypt confidential information on user connections to the affected software. The vulnerability is also known under the moniker of CurveBall.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2019-1214Plan to patch
Microsoft Windows Privilege Common Log File System (CLFS) Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Common Log File System (CLFS) driver improperly handles objects in memory which can allow for privilege escalation.
Added to KEV Nov 3, 2021 · Microsoft Windows
CVE-2019-0863Plan to patch
Microsoft Windows Error Reporting (WER) Privilege Escalation Vulnerability
Affects anyone running Windows workstations or servers. In a small CPA, legal, or dental practice, Windows is typically the platform your accounting, document management, or practice management software runs on — exploitation gives an attacker access to whatever client files and credentials live on those machines.
Microsoft Windows Error Reporting (WER) contains a privilege escalation vulnerability due to the way it handles files, allowing for code execution in kernel mode.
Added to KEV Nov 3, 2021 · Microsoft Windows