Microsoft Fixes 71 Bugs Including Three Zero Days
None were reported as being exploited in the wild Read More
ZDI-22-493: Microsoft Windows win32kfull PDEV Use-After-Free Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-494: Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Type Confusion Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in...
ZDI-22-495: Microsoft Azure Defender for IoT Password Change Command Injection Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Azure Defender for IoT. An attacker must first obtain the ability to...
ZDI-22-496: Microsoft Azure Defender for IoT Password Change Command Injection Privilege Escalation Vulnerability
This vulnerability allows remote attackers to escalate privileges on affected installations of Microsoft Azure Defender for IoT. Authentication is required to exploit this vulnerability. Read...
ZDI-22-497: Microsoft Windows CLFS Integer Overflow Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged...
ZDI-22-498: Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-499: Microsoft Windows CD-ROM Driver Uninitialized Pointer Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code...
ZDI-22-500: Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in...
ZDI-22-501: Microsoft Office Visio EMF EMR_COMMENT_EMFPLUS Untrusted Pointer Dereference Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in...