Windows Microsoft Windows

Do you want an email whenever new security vulnerabilities are reported in Microsoft Windows?

Recent Microsoft Windows Security Advisories

Advisory Title Published
CVE-2021-40475 Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability October 12, 2021
CVE-2021-40476 Windows AppContainer Elevation Of Privilege Vulnerability October 12, 2021
CVE-2021-36953 Windows TCP/IP Denial of Service Vulnerability October 12, 2021
CVE-2021-41347 Windows AppX Deployment Service Elevation of Privilege Vulnerability October 12, 2021
CVE-2021-40455 Windows Installer Spoofing Vulnerability October 12, 2021
CVE-2021-38663 Windows exFAT File System Information Disclosure Vulnerability October 12, 2021
CVE-2021-40456 Windows AD FS Security Feature Bypass Vulnerability October 12, 2021
CVE-2021-36970 Windows Print Spooler Spoofing Vulnerability October 12, 2021
CVE-2021-40443 Windows Common Log File System Driver Elevation of Privilege Vulnerability October 12, 2021
CVE-2021-38662 Windows Fast FAT File System Driver Information Disclosure Vulnerability October 12, 2021

By the Year

In 2021 there have been 2 vulnerabilities in Microsoft Windows with an average score of 7.8 out of ten. Windows did not have any published security vulnerabilities last year. That is, 2 more vulnerabilities have already been reported in 2021 as compared to last year.

Year Vulnerabilities Average Score
2021 2 7.80
2020 0 0.00
2019 0 0.00
2018 2 7.80

It may take a day or so for new Windows vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Windows Security Vulnerabilities

Windows Print Spooler Remote Code Execution Vulnerability

CVE-2021-36958 7.8 - High - August 12, 2021

Windows Print Spooler Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-36936, CVE-2021-36947.

Windows Print Spooler Elevation of Privilege Vulnerability

CVE-2021-34481 7.8 - High - July 16, 2021

Windows Print Spooler Elevation of Privilege Vulnerability

Improper Privilege Management

Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows

CVE-2018-0598 7.8 - High - June 26, 2018

Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Untrusted Path

Untrusted search path vulnerability in the installer of Visual C++ Redistributable

CVE-2018-0599 7.8 - High - June 26, 2018

Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

Untrusted Path

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code

CVE-2011-3389 - September 06, 2011

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Improper Input Validation

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Windows or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe