Microsoft : Security Vulnerabilities, CVEs, (Denial of service)

Windows Hyper-V Denial of Service Vulnerability

The MSAL library enabled acquisition of security tokens to call protected APIs. MSAL.NET applications targeting Xamarin Android and .NET Android (e.g., MAUI) using the library from versions 4.48.0 to 4.60.0 are impacted by a low severity vulnerability. A malicious application running on a customer Android device can cause local denial of service against applications that were built using MSAL.NET for authentication on the same device (i.e., prevent the user of the legitimate application from logging in) due to incorrect activity export configuration. MSAL.NET version 4.60.1 includes the fix. As a workaround, a developer may explicitly mark the MSAL.NET activity non-exported.

Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability

HTTP.sys Denial of Service Vulnerability

DHCP Server Service Denial of Service Vulnerability

DHCP Server Service Denial of Service Vulnerability

Windows Standards-Based Storage Management Service Denial of Service Vulnerability

Microsoft QUIC Denial of Service Vulnerability

Windows Kerberos Denial of Service Vulnerability

Windows Kernel Denial of Service Vulnerability

Microsoft AllJoyn API Denial of Service Vulnerability

Windows Hyper-V Denial of Service Vulnerability

.NET Denial of Service Vulnerability

.NET and Visual Studio Denial of Service Vulnerability

.NET Denial of Service Vulnerability

Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability

Internet Connection Sharing (ICS) Denial of Service Vulnerability

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Windows Network Address Translation (NAT) Denial of Service Vulnerability

Windows DNS Client Denial of Service Vulnerability

Microsoft Identity Denial of service vulnerability

.NET Framework Denial of Service Vulnerability

Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Acrobat Reader T5 (MSFT Edge) versions 120.0.2210.91 and earlier are affected by an Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

Windows Hyper-V Denial of Service Vulnerability