SB20240813119 - Multiple vulnerabilities in Microsoft Windows Kernel

Description

This security bulletin contains information about 3 secuirty vulnerabilities.

1) Improper Neutralization of Special Elements (CVE-ID: CVE-2024-38133)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper neutralization of special elements in Windows Kernel, which leads to security restrictions bypass and privilege escalation.

2) Time-of-check Time-of-use (TOCTOU) Race Condition (CVE-ID: CVE-2024-38153)

The vulnerability allows a local user to compromise the target system.

The vulnerability exists due to a time-of-check, time-of-use (TOCTOU) race condition in Windows Kernel. A local user can gain elevated privileges on the target system.

3) Out-of-bounds read (CVE-ID: CVE-2024-38151)

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to a boundary condition in Windows Kernel. A local user can trigger an out-of-bounds read error and read contents of memory on the system.

Remediation

Install update from vendor's website.

References

• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38133
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38153
• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38151