A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.

An attacker who successfully exploited this vulnerability could gain the same user rights as the local user. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

The attacker could present to the user a removable drive, or remote share, that contains a malicious .LNK file and an associated malicious binary. When the user opens this drive(or remote share) in Windows Explorer, or any other application that parses the .LNK file, the malicious binary will execute code of the attacker’s choice, on the target system.

The security update addresses the vulnerability by correcting the processing of shortcut LNK references.

Information published.

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the user every time a user visits the compromised page.

The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current user. The attacks could allow the attacker to read content that the attacker is not authorized to read, execute malicious code, and use the victim's identity to take actions on the site on behalf of the user, such as change permissions and delete content.

The security update addresses the vulnerability by ensuring that Azure DevOps Server sanitizes user inputs.

Information published.

An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project.

To exploit this vulnerability, an attacker would first have to have access to the project and swap the short-term token for a long-term one.

The update addresses the vulnerability by correcting how the Azure DevOps Server and Team Foundation Services updater handles these tokens.

Information published.

An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.

To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability to elevate privileges.

The update addresses the vulnerability by correcting how Windows Defender Security Center handles certain objects in memory.

Information published.

An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.

To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability to elevate privileges.

The update addresses the vulnerability by correcting how Windows Defender Security Center handles certain objects in memory.

Information published.

An information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity. An attacker who successfully exploited this vulnerability could read arbitrary files via an XML external entity (XXE) declaration.

To exploit the vulnerability, an attacker could create an RDG file containing specially crafted XML content and convince an authenticated user to open the file.

Where do I find the update for Remote Desktop Connection Manager (RDCMan)?

Microsoft is not planning on fixing this vulnerability in RDCMan and has deprecated the application. Microsoft recommends using supported Remote Desktop clients and exercising caution when opening RDCMan configuration files (.rdg).

Information published.

An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

An attacker could exploit this vulnerability by running a specially crafted application on the victim system.

The update addresses the vulnerability by correcting the way the Windows Work Folder Service handles file operations.

Information published.

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Network Connections Service properly handles objects in memory.

Information published.

An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links. An attacker who successfully exploited this vulnerability could bypass access restrictions to add or remove files.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and add or remove files.

The security update addresses the vulnerability by modifying how reparse points are handled by the Windows Installer.

Information published.

An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory. An attacker who successfully exploited the vulnerability could execute code with elevated permissions.

To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.

The security update addresses the vulnerability by ensuring the Windows Network List Service properly handles objects in memory.

Information published.

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.

The update addresses the vulnerability by correcting how the Windows UPnP service handles objects in memory.

Information published.

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted script or application.

The update addresses the vulnerability by correcting how the Windows UPnP service handles objects in memory.

Information published.

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks. An attacker who successfully exploited this vulnerability could delete files and folders in an elevated context.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and delete files or folders of their choosing.

The security update addresses the vulnerability by correcting how the Windows User Profile Service handles symlinks.

Information published.

A denial of service vulnerability exists when the Windows Tile Object Service improperly handles hard links. An attacker who successfully exploited the vulnerability could cause a target system to stop responding.

To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The vulnerability would allow an attacker to overwrite system files.

The update addresses the vulnerability by correcting how the Windows Tile Object Service handles hard links.

Information published.

An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The security update addresses the vulnerability by correcting how Windows BITS handles symbolic links.

Information published.

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

To exploit this vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system.

The update addresses this vulnerability by correcting how Win32k handles objects in memory.

Information published.