| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Out-of-bounds read in Windows RDP allows an unauthorized attacker to disclose information over a network. |
| Exposure of sensitive information to an unauthorized actor in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. |
| Integer overflow or wraparound in Windows Win32K - GRFX allows an unauthorized attacker to execute code locally. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network. |
| Use after free in Windows Win32K - ICOMP allows an authorized attacker to elevate privileges locally. |
| Microsoft is aware of a security feature bypass vulnerability in Windows publicly referred to as "YellowKey". The proof of concept for this vulnerability has been made public violating coordinated vulnerability best practices.
We are issuing this CVE to provide mitigation guidance that can be implemented to protect against this vulnerability until the security update is made available.
Mitigation FAQs
Should I leverage the temporary mitigation?
Microsoft recommends that you consider implementing these mitigations if you are concerned your devices and data are at risk of being compromised or stolen. For example, if your organization’s employees take their work devices home or on business travel.
What impact to service availability/management could be caused by implementing the mitigations?
Implementing these mitigations will not impact service availability or management operations.
Do customers need to revert the changes made to mitigate the vulnerability once the security update to protect against this vulnerability is available?
No. The security update will maintain the mitigation's behavior once the security update is installed.
I am using TPM+PIN, am I at risk of this vulnerability being exploited
No, if you are using TPM+PIN the vulnerability is not exploitable. |
| Windows Remote Desktop Services Remote Code Execution Vulnerability |
| Windows Remote Desktop Services Remote Code Execution Vulnerability |
| Windows Remote Desktop Services Denial of Service Vulnerability |
| Sensitive data storage in improperly locked memory in Windows Remote Desktop Services allows an unauthorized attacker to execute code over a network. |
| Windows Remote Desktop Services Remote Code Execution Vulnerability |
| Windows Remote Desktop Services Remote Code Execution Vulnerability |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability |
| Windows Remote Desktop Services Remote Code Execution Vulnerability |
