Azure Sphere Tampering Vulnerability
A DLL Hijacking caused by drive remapping combined with a poisoning of the activation cache in Microsoft Windows 10, Windows 11, Windows Server 2016, Windows Server 2019, and Windows Server 2022 allows a malicious authenticated attacker to elevate from a medium integrity process to a high integrity process without the intervention of a UAC prompt.
Improper neutralization of special elements used in a command ('command injection') in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows WalletService allows an unauthorized attacker to elevate privileges locally.
Use after free in Windows Clipboard Server allows an unauthorized attacker to elevate privileges locally.
Heap-based buffer overflow in Windows Virtualization-Based Security (VBS) Enclave allows an authorized attacker to elevate privileges locally.
Intune Management Extension Security Feature Bypass Vulnerability
Windows Secure Kernel Mode Security Feature Bypass Vulnerability
Open Enclave SDK Elevation of Privilege Vulnerability
Windows Partition Management Driver Elevation of Privilege Vulnerability
Active Template Library Elevation of Privilege Vulnerability
Windows Secure Kernel Mode Elevation of Privilege Vulnerability
Windows Defender Application Control (WDAC) Security Feature Bypass Vulnerability
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
Microsoft Windows Server Backup Elevation of Privilege Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Secure Boot Security Feature Bypass Vulnerability
The Microsoft vulnerable driver block list is implemented as Windows Defender Application Control (WDAC) policy. Entries that specify only the to-be-signed (TBS) part of the code signer certificate are properly blocked, but entries that specify the signing certificate's TBS hash along with a 'FileAttribRef' qualifier (such as file name or version) may not be blocked, whether hypervisor-protected code integrity (HVCI) is enabled or not. NOTE: The vendor disputes this CVE ID assignment and states that the driver blocklist is intended for use with HVCI.
<p>A security feature bypass vulnerability exists in the PowerShellGet V2 module. An attacker who successfully exploited this vulnerability could bypass WDAC (Windows Defender Application Control) policy and execute arbitrary code on a policy locked-down machine.</p> <p>An attacker must have administrator privileges to create a configuration that includes installing PowerShellGet V2 module onto a machine from the PowerShell Gallery. The WDAC policy must be configured to allow the module to run. After this is done, PowerShell script can be injected and run fully trusted, allowing the attacker arbitrary code execution on the machine.</p> <p>The update addresses the vulnerability by changing how URLs are processed.</p>
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1253.
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1253, CVE-2020-1310.
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1207, CVE-2020-1247, CVE-2020-1251, CVE-2020-1310.
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
Secure Boot Security Feature Bypass Vulnerability
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.
Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally.
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Proxy Driver Spoofing Vulnerability
<p>A security feature bypass vulnerability exists in Windows Defender Application Control (WDAC) which could allow an attacker to bypass WDAC enforcement. An attacker who successfully exploited this vulnerability could execute PowerShell commands that would be blocked by WDAC.</p> <p>To exploit the vulnerability, an attacker need administrator access on a local machine where PowerShell is running. The attacker could then connect to a PowerShell session and send commands to execute arbitrary code.</p> <p>The update addresses the vulnerability by correcting how PowerShell commands are validated when WDAC protection is enabled.</p>
A security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'.
Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this vulnerability. An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security (VBS), including a subset of Azure Virtual Machine SKUS. This vulnerability enables an attacker with administrator privileges to replace current versions of Windows system files with outdated versions. By exploiting this vulnerability, an attacker could reintroduce previously mitigated vulnerabilities, circumvent some features of VBS, and exfiltrate data protected by VBS. Update: July 10, 2025 Microsoft has addressed this vulnerability for Windows 10 1507, Windows 10, version 1607, Windows 10, version 1809, and Windows Server 2016 and Windows Server 2018. This ensures that mitigations are available to protect all supported versions of Windows 10 and Windows 11 from this vulnerability. See the available mitigations and deployment guidelines described in KB5042562: Guidance for blocking rollback of virtualization-based security related updates. Update: August 13, 2024 Microsoft has released the August 2024 security updates that include an opt-in revocation policy mitigation to address this vulnerability. Customers running affected versions of Windows are encouraged to review KB5042562: Guidance for blocking rollback of virtualization-based security related updates to assess if this opt-in policy meets the needs of their environment before implementing this mitigation. There are risks associated with this mitigation that should be understood prior to applying it to your systems. Detailed information about these risks is also available in KB5042562. Details: A security researcher informed Microsoft of an elevation of privilege vulnerability in Windows 10, Windows 11, Windows Server 2016, and higher based systems including Azure Virtual Machines (VM) that support VBS. For more information on Windows versions and VM SKUs supporting VBS, reference: Virtualization-based Security (VBS) | Microsoft Learn. The vulnerability enables an attacker with administrator privileges on the target system to replace current Windows system files with outdated versions. Successful... See more at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21302
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability
BitLocker Security Feature Bypass Vulnerability
Secure Boot Security Feature Bypass Vulnerability
Windows Named Pipe Filesystem Elevation of Privilege Vulnerability
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
Windows Resilient File System (ReFS) Deduplication Service Elevation of Privilege Vulnerability
Use after free in Microsoft Brokering File System allows an unauthorized attacker to elevate privileges locally.
Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Resilient File System (ReFS) allows an unauthorized attacker to elevate privileges locally.
Use after free in Windows Kernel allows an unauthorized attacker to elevate privileges locally.
Use after free in Windows NTFS allows an unauthorized attacker to elevate privileges locally.
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.
Access of resource using incompatible type ('type confusion') in Windows Defender Firewall Service allows an authorized attacker to elevate privileges locally.