KB5041592: Windows 11 version 21H2 Security Update (August 2024)

The remote Windows host is missing security update 5041592. It is, therefore, affected by multiple vulnerabilities - An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security VBS including a subset of Azure Virtual Machine SKUS. This can allo...

KB5041573: Windows Server version 23H2 Security Update (August 2024)

The remote Windows host is missing security update 5041573. It is, therefore, affected by multiple vulnerabilities - An elevation of privilege vulnerability exists in Windows based systems supporting Virtualization Based Security VBS including a subset of Azure Virtual Machine SKUS. This can allo...

CVE-2024-21302

Summary: As of July 8, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this...

CVE-2024-21302

Microsoft has fixed CVE-2024-21302 for Windows systems with Virtualization-Based Security (VBS). The elevation-of-privilege vulnerability allowed an administrator to replace current Windows system files with older versions, potentially reintroducing mitigated VBS vulnerabilities and exfiltrating ...

Windows Update Stack Elevation of Privilege Vulnerability

Summary Microsoft was notified that an elevation of privilege vulnerability exists in Windows Update, potentially enabling an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities or circumvent some features of Virtualization Based Security VBS. However, an...

Windows Secure Kernel Mode Elevation of Privilege Vulnerability

Summary: As of July 10, 2025 Microsoft has completed mitigations to address this vulnerability. See KB5042562: Guidance for blocking rollback of virtualization-based security related updates and the Recommended Actions section of this CVE for guidance on how to protect your systems from this...

PT-2024-5720 · Microsoft · Windows 11 +4

Name of the Vulnerable Software and Affected Versions: Windows versions prior to the April 2025 security updates Windows 10 versions prior to the April 2025 security updates Windows 11 versions prior to the April 2025 security updates Windows Server 2016 and higher versions prior to the April 202...

PT-2024-5719 · Microsoft · Windows Update

Name of the Vulnerable Software and Affected Versions: Windows Update affected versions not specified Description: The issue is related to insufficient access control in Windows Update, potentially allowing an attacker with basic user privileges to reintroduce previously mitigated vulnerabilities...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows that stems from the presence of an elevation of privilege vulnerability that could allow an attacker with basic user privileges to...

New security features in Windows 11 protect users and empower IT

While attacks are getting more sophisticated, so are our defenses. With recent innovations like secured-core PCs that are 60 percent more resilient to malware than non-secured-core PCs,1 and the Microsoft Pluton Security Processor that adds more protection by isolating sensitive data like...

New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely

VBS and HVCI-enabled devices help protect from advanced attacks Escalation of privilege attacks are a malicious actor’s best friend, and they often target sensitive information stored in memory. These kinds of attacks can turn a minor user mode compromise into a full compromise of your OS and...

SureBackup for VM With VBS Enabled Fails With “Invalid change tracker error code”

Challenge A SureBackup job testing a VMware VM that has Virtualization-Based Security VBS enabled fails with the error: An error occurred while taking a snapshot: Invalid change tracker error code. An error occurred while taking a snapshot: Invalid change tracker error code. Cause This error occu...

Introducing Kernel Data Protection, a new platform security technology for preventing data corruption

Attackers, confronted by security technologies that prevent memory corruption, like Code Integrity CI and Control Flow Guard CFG, are expectedly shifting their techniques towards data corruption. Attackers use data corruption techniques to target system security policy, escalate privileges, tampe...

SYS.1.2.2.A8

Ziel des Bausteins SYS.1.2.2 ist die Absicherung von Microsoft Windows Server 2012 und Microsoft Windows Server 2012 R2. Die Standard-Anforderung Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify...

Microsoft Windows: Turn On Virtualization Based Security (Select Platform Security Level)

Specifies whether Virtualization Based Security is enabled. Virtualization Based Security uses the Windows Hypervisor to provide support for security services. Virtualization Based Security requires Secure Boot, and can optionally be enabled with the use of DMA Protections. DMA protections requir...

Microsoft Windows: Turn On Virtualization Based Security (Credential Guard Configuration)

Specifies whether Virtualization Based Security is enabled. Virtualization Based Security uses the Windows Hypervisor to provide support for security services. Virtualization Based Security requires Secure Boot, and can optionally be enabled with the use of DMA Protections. DMA protections requir...

Microsoft Windows: Turn On Virtualization Based Security (Virtualization Based Protection of Code Integrity)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winvbsprotectioncodeintegrity.nasl 11381 2018-09-13 14:55:03Z emoss $ Check value for Turn On Virtualization Based Security: Virtualization Based Protection of Code Integrity Authors: Emanuel Moss Copyright: Copyright c 2018...

Microsoft Windows: Turn On Virtualization Based Security (Require UEFI Memory Attributes Table)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winvbsrequireuefi.nasl 11381 2018-09-13 14:55:03Z emoss $ Check value for Turn On Virtualization Based Security: Require UEFI Memory Attributes Table Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

Microsoft Guidance to mitigate L1TF variant

Executive Summary On January 3, 2018, Microsoft released an advisory and security updates for a new class of hardware vulnerabilities involving speculative execution side channels known as Spectre and Meltdown. Microsoft is aware of a new speculative execution side channel vulnerability known as ...

Black Hat 2018: Stealthy Kernel Attack Flies Under Windows Mitigation Radar

There are lots of Holy Grails when it comes to compromising endpoints. One of them has long been an attack that leads to kernel ring0 access on a Windows system. That translates into so-called “God Mode” for hackers — and “game over” for victims. This is why Microsoft has gone to great lengths ov...