[BESAdmin-Announcements] Content Modification: Updates for Kev Content published 2025-02-17
Announcements for BES Administrators
besadmin-announcements at bigmail.bigfix.com
Mon Feb 17 11:09:31 PST 2025
Total New Fixlets: 3
Total Updated Fixlets: 143
Total Fixlets in Site: 2833
Total CVEs Covered: 812
Release Date: 2025-02-17
New Fixlets:
36000 Apple iOS and iPadOS Incorrect Authorization Vulnerability -
Apple iOS
36010 Linux Kernel Out-of-Bounds Write Vulnerability - SLE
36020 Linux Kernel Out-of-Bounds Write Vulnerability - RHEL
Updated Fixlets:
12800 Apache Tomcat Remote Code Execution Vulnerability - Any
Version of Windows
32260 HTTP/2 Rapid Reset Attack Vulnerability - Windows 10
6150 Microsoft Windows MSHTML Platform Remote Code Execution
Vulnerability - Windows 10
5640 Microsoft Windows Scripting Engine Memory Corruption
Vulnerability - Windows 10
27660 Microsoft Windows Desktop Window Manager (DWM) Core Library
Privilege Escalation Vulnerability - Windows 10
6670 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows 10
6160 Microsoft Active Directory Domain Services Privilege Escalation
Vulnerability - Windows 10
21010 Microsoft Windows Common Log File System (CLFS) Driver
Privilege Escalation Vulnerability - Windows 10
5650 Microsoft Windows Common Log File System (CLFS) Driver
Privilege Escalation Vulnerability - Windows 10
35860 Microsoft Windows Storage Link Following Vulnerability -
Windows Server 2016
14870 Microsoft Windows SmartScreen Security Feature Bypass
Vulnerability - Windows 10
27670 Microsoft Windows Cloud Files Mini Filter Driver Privilege
Escalation Vulnerability - Windows 10
5660 Microsoft Windows Client Server Runtime Subsystem (CSRSS)
Privilege Escalation Vulnerability - Windows 10
35870 Microsoft Windows Ancillary Function Driver for WinSock
Heap-Based Buffer Overflow Vulnerability - Windows Server 2016
27680 Microsoft Windows Mark of the Web (MOTW) Security Feature
Bypass Vulnerability - Windows 10
35880 Microsoft Windows Storage Link Following Vulnerability -
Windows Server 2019
27690 Microsoft Windows SmartScreen Security Feature Bypass
Vulnerability - Windows 10
29740 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows 10
5680 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows 10
35890 Microsoft Windows Ancillary Function Driver for WinSock
Heap-Based Buffer Overflow Vulnerability - Windows Server 2019
34870 Android Kernel Remote Code Execution Vulnerability - RHEL
6200 Microsoft Windows CNG Key Isolation Service Privilege
Escalation Vulnerability - Windows 10
35900 Microsoft Windows Storage Link Following Vulnerability -
Windows 10
30270 PHP-CGI OS Command Injection Vulnerability - Any Version of
Windows
34880 Android Kernel Remote Code Execution Vulnerability - Oracle
Linux
31810 Linux Kernel Heap-Based Buffer Overflow Vulnerability - RHEL
35910 Microsoft Windows Ancillary Function Driver for WinSock
Heap-Based Buffer Overflow Vulnerability - Windows 10
16460 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of Windows
31820 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
15950 Adobe Flash Player ASLR Bypass Vulnerability - Any Version of
Windows
5710 Microsoft Win32k Privilege Escalation Vulnerability - Windows
10
35920 Microsoft Windows Ancillary Function Driver for WinSock
Heap-Based Buffer Overflow Vulnerability - Windows Server 2008 SP2
32340 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2022
5720 Microsoft Windows LSA Spoofing Vulnerability - Windows 10
33890 Microsoft Windows Kernel TOCTOU Race Condition Vulnerability -
Windows 10
35940 Microsoft Windows Storage Link Following Vulnerability -
Windows Server 2022
35430 Microsoft Windows Hyper-V NT Kernel Integration VSP
Use-After-Free Vulnerability - Windows 10
6250 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows 10
35950 Microsoft Windows Ancillary Function Driver for WinSock
Heap-Based Buffer Overflow Vulnerability - Windows Server 2022
30320 Microsoft Windows Error Reporting Service Improper Privilege
Management Vulnerability - Windows 10
35440 Microsoft Windows Hyper-V NT Kernel Integration VSP
Use-After-Free Vulnerability - Windows 10
29810 Microsoft SmartScreen Prompt Security Feature Bypass
Vulnerability - Windows 10
6260 Microsoft Windows Installer Privilege Escalation Vulnerability
- Windows 10
35960 Microsoft Windows Storage Link Following Vulnerability -
Windows 11
35450 Microsoft Windows Hyper-V NT Kernel Integration VSP Heap-based
Buffer Overflow Vulnerability - Windows 10
32380 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows 11
35970 Microsoft Windows Ancillary Function Driver for WinSock
Heap-Based Buffer Overflow Vulnerability - Windows 11
32390 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows 11
5770 Microsoft Windows Print Spooler Remote Code Execution
Vulnerability - Windows 10
35980 Microsoft Windows Ancillary Function Driver for WinSock
Heap-Based Buffer Overflow Vulnerability - Windows Server 2025
32400 HTTP/2 Rapid Reset Attack Vulnerability - Windows 11
6290 Microsoft Windows Common Log File System (CLFS) Driver
Privilege Escalation Vulnerability - Windows 10
31890 Linux Kernel Heap-Based Buffer Overflow Vulnerability - Oracle
Linux
35990 Microsoft Windows Storage Link Following Vulnerability -
Windows Server 2025
6300 Microsoft Windows User Profile Service Privilege Escalation
Vulnerability - Windows 10
34980 Spring Framework JDK 9+ Remote Code Execution Vulnerability -
Any Version of Windows
31910 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
34990 Apache Tomcat Improper Privilege Management Vulnerability -
Any Version of Windows
6320 Microsoft Windows NTFS Privilege Escalation Vulnerability -
Windows 10
28850 Microsoft Windows SmartScreen Security Feature Bypass
Vulnerability - Windows 10
28860 Microsoft Windows Internet Shortcut Files Security Feature
Bypass Vulnerability - Windows 10
17600 TeamViewer Desktop Bypass Remote Login Vulnerability - Any
Version of Linux
31940 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
6350 Microsoft Enhanced Cryptographic Provider Privilege Escalation
Vulnerability - Windows 10
5840 Microsoft Desktop Window Manager (DWM) Core Library Privilege
Escalation Vulnerability - Windows 10
35030 Apache Tomcat Remote Code Execution Vulnerability - Any
Version of Windows
29910 Microsoft Windows MSHTML Platform Security Feature Bypass
Vulnerability - Windows 10
18650 Adobe Flash Player Dereferenced Pointer Vulnerability - Any
Version of Linux
19170 Webmin Command Injection Vulnerability - Any Version of Linux
31970 Linux Kernel Privilege Escalation Vulnerability - Oracle Linux
27370 Microsoft WordPad Information Disclosure Vulnerability -
Windows 10
16630 Adobe Flash Player Dereferenced Pointer Vulnerability - Any
Version of Windows
31990 Linux Kernel Use-After-Free Vulnerability - Oracle Linux
31490 Microsoft Windows Power Dependency Coordinator Privilege
Escalation Vulnerability - Windows 10
28930 Linux Kernel Use-After-Free Vulnerability - RHEL
30470 Linux Kernel Use-After-Free Vulnerability - RHEL
29450 Microsoft Streaming Service Untrusted Pointer Dereference
Vulnerability - Windows 10
6410 Microsoft Windows CLFS Driver Privilege Escalation
Vulnerability - Windows 10
31500 Microsoft Windows SmartScreen Security Feature Bypass
Vulnerability - Windows 10
31510 Microsoft Windows Kernel Privilege Escalation Vulnerability -
Windows 10
5910 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows 10
5400 Microsoft Defender SmartScreen Security Feature Bypass
Vulnerability - Windows 10
28950 Linux Kernel Privilege Escalation Vulnerability - RHEL
20250 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of MacOS
35100 Microsoft Windows Common Log File System (CLFS) Driver
Heap-Based Buffer Overflow Vulnerability - Windows 10
31520 Microsoft Windows Ancillary Function Driver for WinSock
Privilege Escalation Vulnerability - Windows 10
5920 Microsoft Win32k Privilege Escalation Vulnerability - Windows
10
6440 Microsoft Windows Mark of the Web (MOTW) Security Feature
Bypass Vulnerability - Windows 10
31530 Microsoft Windows Scripting Engine Memory Corruption
Vulnerability - Windows 10
5420 Microsoft Windows Print Spooler Remote Code Execution
Vulnerability - Windows 10
29490 Microsoft Windows Kernel Exposed IOCTL with Insufficient
Access Control Vulnerability - Windows 10
6450 Microsoft Windows Update Medic Service Privilege Escalation
Vulnerability - Windows 10
5940 Microsoft Windows COM+ Event System Service Privilege
Escalation Vulnerability - Windows 10
5430 Microsoft Windows Kernel Information Disclosure Vulnerability -
Windows 10
6460 Microsoft Windows Graphic Component Privilege Escalation
Vulnerability - Windows 10
32580 Microsoft Windows MSHTML Platform Spoofing Vulnerability -
Windows 10
5960 Microsoft Windows Common Log File System (CLFS) Driver
Privilege Escalation Vulnerability - Windows 10
26450 Microsoft Windows Search Remote Code Execution Vulnerability -
Windows 10
5980 Microsoft Enhanced Cryptographic Provider Privilege Escalation
Vulnerability - Windows 10
14180 Microsoft Defender Remote Code Execution Vulnerability - Any
Version of Windows
6500 Microsoft Windows Advanced Local Procedure Call (ALPC)
Privilege Escalation Vulnerability - Windows 10
5480 Microsoft Windows Runtime Remote Code Execution Vulnerability -
Windows 10
35690 7-Zip Mark of the Web Bypass Vulnerability - Any Version of
Windows
25450 Mozilla Firefox, Firefox ESR, and Thunderbird Use-After-Free
Vulnerability - Any Version of MacOS
19820 Adobe Flash Player ASLR Bypass Vulnerability - Any Version of
MacOS
32620 Microsoft Windows MSHTML Platform Spoofing Vulnerability -
Windows 11
35700 Apple OS X Authentication Bypass Vulnerability - Any Version
of MacOS
32120 HTTP/2 Rapid Reset Attack Vulnerability - Any Version of
Windows
14210 Microsoft Malware Protection Engine Improper Restriction of
Operations Vulnerability - Any Version of Windows
6020 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code
Execution Vulnerability - Windows 10
31120 Microsoft Windows MSHTML Platform Spoofing Vulnerability -
Windows 10
5520 Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code
Execution Vulnerability - Windows 10
30100 Microsoft DWM Core Library Privilege Escalation Vulnerability
- Windows 10
6550 Microsoft Windows Kernel Privilege Escalation Vulnerability -
Windows 10
6040 Microsoft Windows Event Tracing Privilege Escalation
Vulnerability - Windows 10
5530 Microsoft Windows Kernel Privilege Escalation Vulnerability -
Windows 10
32670 Apple Multiple Products WebKit Type Confusion Vulnerability -
Ubuntu
6050 Microsoft Windows Mark of the Web (MOTW) Security Feature
Bypass Vulnerability - Windows 10
5540 Microsoft Windows Scripting Languages Remote Code Execution
Vulnerability - Windows 10
20390 Adobe Flash Player Dereferenced Pointer Vulnerability - Any
Version of MacOS
34730 Microsoft Windows Task Scheduler Privilege Escalation
Vulnerability - Windows 10
34740 Microsoft Windows NTLMv2 Hash Disclosure Spoofing
Vulnerability - Windows 10
33720 Microsoft Windows MSHTML Platform Spoofing Vulnerability -
Windows 10
25530 Microsoft Windows MSHTML Platform Privilege Escalation
Vulnerability - Windows 10
30140 Linux Kernel Use-After-Free Vulnerability - Ubuntu
6590 Microsoft Win32k Privilege Escalation Vulnerability - Windows
10
32190 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2016
33730 Microsoft Windows Management Console Remote Code Execution
Vulnerability - Windows 10
25540 Microsoft Windows Error Reporting Service Privilege Escalation
Vulnerability - Windows 10
25550 Microsoft Windows Defender SmartScreen Security Feature Bypass
Vulnerability - Windows 10
35280 Microsoft Windows Kernel-Mode Driver Untrusted Pointer
Dereference Vulnerability - Windows 10
27100 Microsoft Windows CNG Key Isolation Service Privilege
Escalation Vulnerability - Windows 10
6620 Microsoft Windows Win32k Privilege Escalation Vulnerability -
Windows 10
32220 HTTP/2 Rapid Reset Attack Vulnerability - Windows Server 2019
27110 Microsoft Streaming Service Proxy Privilege Escalation
Vulnerability - Windows 10
32230 Microsoft Windows Installer Improper Privilege Management
Vulnerability - Windows 10
6630 Microsoft Windows Print Spooler Privilege Escalation
Vulnerability - Windows 10
18410 Adobe Flash Player Use-After-Free Vulnerability - Any Version
of Linux
17900 Adobe Flash Player ASLR Bypass Vulnerability - Any Version of
Linux
32240 Microsoft Windows Mark of the Web (MOTW) Protection Mechanism
Failure Vulnerability - Windows 10
6640 Microsoft Windows SAM Local Privilege Escalation Vulnerability
- Windows 10
5620 Microsoft MSHTML Remote Code Execution Vulnerability - Windows
10
35830 Apple OS X Authentication Bypass Vulnerability - Mac 10.10
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://bigmail.bigfix.com/pipermail/besadmin-announcements/attachments/20250217/941d6754/attachment.html>
More information about the Besadmin-announcements
mailing list