Assistive Technologies Persistence

This module achieves persistence by registering a custom Assistive Technology AT in the Windows registry. Then it configures the system to launch the AT executable during user logon or desktop switch such as with an admin prived program. Requires Windows 8 or higher and administrative privileges...

BIT-LIBPYTHON-2020-8315

In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker's copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system's copy. Windows 8 and later are unaffected...

PT-2024-10599 · Microsoft · Windows 10 +3

Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions 8 through 11 Description: The issue concerns a temporary client-side performance degradation that occurs when processing multiple Unicode combining characters, also known as a "Zalgo text" attack. This affects the...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows that stems from a number of Microsoft technologies used in Windows 8 through Windows 11 that allow for a temporar...

SAP GUI 信息泄露漏洞

SAP GUI is an application from SAP, a German company. graphical user interface for SAP systems. An information disclosure vulnerability exists in SAP GUI for Windows versions 7.70, 8.0. An attacker could exploit this vulnerability to obtain the victim's NTLM authentication information by tricking...

Microsoft Windows Codecs Library 安全漏洞

The Microsoft Windows Codecs Library is a library of features for the Microsoft Windows system from Microsoft Corporation. A security vulnerability exists in the Microsoft Windows Codecs Library. The following products and editions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 1...

Microsoft Windows Contacts 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows Contacts. The following products and editions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10...

KB5020447: Out-of-band update for Windows 8.1 and Server 2012 R2: October 17, 2022

KB5020447: Out-of-band update for Windows 8.1 and Server 2012 R2: October 17, 2022 Summary This update includes improvements for the following: It addresses an issue that might affect some types of Secure Sockets Layer SSL and Transport Layer Security TLS connections. These connections might have...

Microsoft SPNEGO Extended Negotiation 安全漏洞

Microsoft SPNEGO Extended Negotiation is a SPNEGO extension from Microsoft Corporation USA. A security vulnerability exists in Microsoft SPNEGO Extended Negotiation. The following products and editions are affected: Windows 8.1 for x64-based systems,Windows RT 8.1,Windows Server 2008 R2 for...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in Microsoft Windows OLE. The following products and editions are affected: Windows 10 Version 20H2 for x64-based Systems,Windows 10...

Microsoft Windows Fax Service 安全漏洞

Microsoft Windows Fax Service is a functional component service from Microsoft Corporation USA. It is used to specify fax settings, including how to send, receive, view, and print. A security vulnerability exists in Microsoft Windows Fax Service. The following products and versions are...

September 13, 2022-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB5017531)

September 13, 2022-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 KB5017531 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1...

Microsoft Windows 安全漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A security vulnerability exists in the Microsoft Windows Credential Roaming Service. The following products and versions are affected:Windows 10 Version 1809 for 32-b...

Microsoft Windows Kerberos 安全漏洞

Microsoft Windows Kerberos is a software for authentication in network clusters from Microsoft Corporation.Kerberos also serves as a network authentication protocol designed to provide strong authentication services to client/server applications via a key system. A security vulnerability exists i...

Microsoft Windows Point-to-Point Tunneling Protocol 安全漏洞

Microsoft Windows Point-to-Point Tunneling Protocol PPTP is a network protocol from Microsoft that enables the secure transmission of data from remote clients to private corporate servers by creating a virtual private network VPN over a TCP/IP-based data network. VPN. A security vulnerability...

Microsoft Windows Kernel 安全漏洞

Microsoft Windows Kernel is the kernel of the Windows operating system by Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Kernel. The following products and editions are affected: Windows Server 2012 Server Core installation,Windows Server 2012 R2,Windows Server 20...

Microsoft Windows Bluetooth Service 安全漏洞

Microsoft Windows Bluetooth Service is a Bluetooth driver from Microsoft Corporation USA. A security vulnerability exists in Microsoft Windows Bluetooth Service. The following products and versions are affected:Windows 10 Version 1809 for 32-bit Systems,Windows 10 Version 1809 for x64-based...

August 9, 2022-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 (KB5016740)

August 9, 2022-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows 8.1, RT 8.1, and Windows Server 2012 R2 KB5016740 Applies to:Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microso...

Microsoft Windows 代码问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A code issue vulnerability exists in the Microsoft Windows Client/Server Runtime Subsystem. The following products and editions are affected:Windows 10 Version 1809 for 32-bit...

Microsoft Windows Group Policy 竞争条件问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A competitive conditions issue vulnerability exists in Microsoft Windows Group Policy. The following products and editions are affected:Windows 10 Version 1809 for...