Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.
Microsoft Power Automate Remote Code Execution Vulnerability
Microsoft DirectMusic Remote Code Execution Vulnerability
Microsoft Teams Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file. The update addresses the vulnerability by correcting the way the Windows Jet Database Engine handles objects in memory.
Windows Terminal Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
3D Viewer Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
Microsoft Defender Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
Print 3D Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
Windows Standards-Based Storage Management Service Remote Code Execution Vulnerability
3D Builder Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
Microsoft Event Trace Log File Parsing Remote Code Execution Vulnerability
Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability
Windows Media Remote Code Execution Vulnerability
Windows Security Zone Mapping Security Feature Bypass Vulnerability
Windows Media Remote Code Execution Vulnerability
3D Builder Remote Code Execution Vulnerability
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
Windows Media MPEG-4 Video Decoder Remote Code Execution Vulnerability
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. As of February 13, 2024, the ability to insert FBX files has also been disabled in 3D Viewer. 3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update.
Visual Studio Remote Code Execution Vulnerability
Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability
Microsoft SharePoint Server Remote Code Execution Vulnerability
Windows Security Center API Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
3D Builder Remote Code Execution Vulnerability
Microsoft Office Visio Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.</p> <p>The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.</p>
Windows MSHTML Platform Remote Code Execution Vulnerability
3D Builder Remote Code Execution Vulnerability
3D Builder Remote Code Execution Vulnerability
<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.</p> <p>To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Visual Studio.</p> <p>The update addresses the vulnerability by correcting how Visual Studio handles objects in memory.</p>
Windows 10 Update Assistant Elevation of Privilege Vulnerability
Raw Image Extension Remote Code Execution Vulnerability
Microsoft Office Graphics Remote Code Execution Vulnerability
Windows Geolocation Service Remote Code Execution Vulnerability
Microsoft Word Remote Code Execution Vulnerability