Microsoft 脆弱性

タイムライン

タイプ

製品

Microsoft Windows5065
Microsoft Internet Explorer1135
Microsoft Edge973
Microsoft Office467
Microsoft SharePoint Server215

修復

Official Fix9652
Temporary Fix1
Workaround24
Unavailable66
Not Defined257

悪用可能性

High415
Functional41
Proof-of-Concept1425
Unproven3353
Not Defined4766

アクセスベクター

Not Defined0
Physical80
Local1742
Adjacent238
Network7940

認証

Not Defined0
High381
Low4185
None5434

ユーザー操作

Not Defined0
Required4232
None5768

C3BM Index

CVSSv3 Base

≤10
≤20
≤317
≤4185
≤51138
≤61623
≤72453
≤82865
≤91352
≤10367

CVSSv3 Temp

≤10
≤20
≤351
≤4302
≤51478
≤62213
≤72897
≤82203
≤9660
≤10196

VulDB

≤10
≤24
≤3132
≤4533
≤51337
≤61051
≤73333
≤81861
≤91355
≤10394

NVD

≤10
≤20
≤310
≤448
≤5319
≤6781
≤7477
≤82391
≤9598
≤10131

CNA

≤10
≤20
≤34
≤415
≤5113
≤6233
≤7478
≤81134
≤9473
≤1071

ベンダー

≤10
≤20
≤317
≤462
≤5866
≤6709
≤71022
≤82633
≤9728
≤10124

Research

≤10
≤20
≤30
≤40
≤50
≤61
≤70
≤81
≤91
≤100

0dayエクスプロイト

<1k10
<2k11
<5k183
<10k736
<25k2404
<50k3062
<100k3066
≥100k528

本日のエクスプロイト

<1k3829
<2k543
<5k1177
<10k1459
<25k2870
<50k105
<100k17
≥100k0

闇ツールの市場規模

🔴 CTI アクティビティ

Affected Products (419): .NET (46), .NET Core (23), .NET Core SDK (1), .NET Education Bundle SDK Install Tool (1), .NET Framework (133), .NET Install Tool for Extension Authors (1), 3D Builder (20), 3D Viewer (10), 4K Wireless Display Adapter (1), 365 Apps for Enterprise (26), @azure-ms-rest-nodeauth (1), ADAL.NET (1), ASP.NET (8), ASP.NET Core (27), ASP.NET Core MVC (2), ASP.NET MVC (1), ASP .NET SignalR (1), AV1 Video Extension (6), Access (8), Accessibility Insights (1), Accessibility Insights for Web (1), Active Directory Federation Services (1), Anti-cross Site Scripting Library (1), App Installer (1), Application Inspector (1), Arc Cluster Extension (1), Authentication Library (1), Authenticator (1), AutoUpdate (1), AutoUpdate for Mac (1), Azure (5), Azure AD (1), Azure AD B2C (1), Azure AD Connect (1), Azure AI Playground (1), Azure AI Search (1), Azure API Management Service (1), Azure ARC (1), Azure Active Directory (1), Azure Active Directory B2C (1), Azure Active Directory Connect (2), Azure Active Directory Passport (1), Azure App Service (3), Azure App Service on Azure Stack Hub (1), Azure Arc-Enabled Servers (1), Azure Arc-enabled Kubernetes Cluster (1), Azure Arc Jumpstart (1), Azure Automation (3), Azure Automation State Configuration (1), Azure Automation Update Management (2), Azure Bastion (1), Azure Batch (1), Azure CLI (2), Azure Cognitive Search (1), Azure Command-Line Interface (1), Azure Compute Gallery (1), Azure Connected Machine Agent (4), Azure Container Instance (1), Azure Container Registry (1), Azure CycleCloud (7), Azure Data Box Gateway (1), Azure Data Explorer (1), Azure Data Studio (1), Azure DevOps Server (39), Azure Diagnostics (1), Azure Digital Twins Explorer (1), Azure EFLOW (1), Azure File Sync (2), Azure Front Door (1), Azure Function Apps (1), Azure Functions (2), Azure Guest Configuration (1), Azure HDInsights (8), Azure Health Bot (1), Azure Health Bot Service (4), Azure Identity Library (1), Azure Identity Library for .NET (1), Azure Identity SDK (1), Azure Identity SDK for .NET (1), Azure IoT CLI Extension (1), Azure IoT Edge (2), Azure IoT SDK (3), Azure Kinect SDK (1), Azure Kubernetes Service (5), Azure Kubernetes Service Confidential Container (1), Azure Kubernetes Service Confidential Containers (3), Azure Linux Guest Agent (1), Azure Logic Apps (2), Azure Machine Learning (2), Azure Machine Learning SDK (1), Azure Machine Learning Service (1), Azure Managed Instance for Apache Cassandra (1), Azure Migrate (3), Azure Monitor Agent (3), Azure Network Watcher VM Agent (2), Azure Network Watcher VM Extension (3), Azure On-Premises Data Gateway (1), Azure Open Management Infrastructure (5), Azure Pack Rollup (1), Azure Pipelines Agent (1), Azure Private 5G Core (1), Azure RTOS (6), Azure RTOS GUIX (1), Azure RTOS GUIX Studio (2), Azure RTOS USBX (2), Azure Real Time Operating System GUIX Studio (8), Azure Resource Manager (1), Azure SDK (1), Azure SDK for .NET (1), Azure SDK for Java (1), Azure SSH Keypairs (1), Azure Science Virtual Machine (1), Azure Security Center (2), Azure Sentinel (2), Azure Service Connector (1), Azure Service Fabric (5), Azure Service Fabric Explorer (1), Azure Site Recovery (3), Azure Site Recovery VMWare to Azure (80), Azure Sphere (30), Azure Spring Cloud (1), Azure Stack (1), Azure Stack Edge (2), Azure Stack Hub (6), Azure StorSimple 8000 (1), Azure Storage Blobs Client Library (2), Azure Storage Movement Client Library (1), Azure Storage Mover Agent (1), Azure Web Apps (1), Azure setup-kubectl (1), Bing (1), Bing Search (3), BizTalk ESB Toolkit (1), Bond (1), Bot Framework SDK (2), Business Productivity Servers (1), C SDK for Azure IoT (2), ChakraCore (207), Chakra Core (5), Chess Titan (1), Clarity (1), Clarity Plugin (1), Common Data Model SDK (1), Common Utilities (1), Compiled HTML Help (1), Container Monitoring Solution (2), Copilot Studio (1), Data.OData (1), Data Access Components (2), Defender (1), Defender Antimalware Platform (1), Defender Security Intelligence Updates (2), Defender for Endpoint (4), Defender for Endpoint for Windows (1), Defender for IoT (20), Desktop Client for Mac (1), Diagnostics Troubleshooting Wizard (1), Dynamics (1), Dynamics 365 (74), Dynamics 365 BC On Premise (2), Dynamics 365 Business Central (14), Dynamics 365 Business Central Online (1), Dynamics 365 Commerce (1), Dynamics 365 Customer Engagement (2), Dynamics 365 Customer Insights (2), Dynamics 365 Field Service (1), Dynamics 365 Unified Service Desk (1), Dynamics 365 for Finance (2), Dynamics 365 for Finance and Operations (6), Dynamics 365 on-premises (1), Dynamics AX (2), Dynamics CRM (4), Dynamics CRM Service Portal Web Resource (1), Dynamics GP (5), Dynamics NAV (8), Edge (973), Endpoint Configuration Manager (1), Endpoint Protection (1), Enhanced Mitigation Experience Toolkit EMET (1), Entra ID (1), Entra Jira Single-Sign-On Plugin (1), Excel (163), Excel 2010 SP2 (1), Exchange (14), Exchange Server (147), Expression Design (1), FAST ESP (1), FSLogix (1), File Checksum Integrity Verifier (1), Forefront Endpoint Protection (6), Forefront Security for Exchange Server (1), Forefront Threat Management Gateway (1), Forefront Unified Access Gateway (12), FrontPage (1), GitHub Pull Requests and Issues Extension (1), Graph (1), Groove (1), GroupMe (3), HEIF Image Extension (2), HEVC Video Extensions (42), High Definition Audio Bus Driver (1), HoloLens 1 (1), Host Integration Server (2), Host Integration Server 2020 (1), Hub Device Client SDK for Azure IoT (1), Hyper-V (13), IIS (15), Identity Linux Broker (1), Identity Manager (1), Identity Model (1), Infopath (2), Internet Explorer (1135), Intune Company Portal (1), Intune Management Extension (2), Intune Portal (1), Intune for Android Mobile Application Management (1), JScript (1), Jarvis (1), Java SDK for Azure IoT (2), Jupyter Extension for Visual Studio Code (2), Kubernetes Tools (1), Log Analytics Agent (2), Lync (21), Lync Server (12), Lync for Mac (1), MPEG-2 Video Extension (1), MSRT (1), Mail Client (1), Malicious Software Removal Tool (2), Malware Protection Engine (15), Maven for Java Extension (1), Media Player (1), Microsoft Authentication Library (1), Microsoft Dynamics 365 (1), Microsoft Malware Protection Platform (1), Microsoft OLE DB Provider for DB2 V7 (1), Mono (1), Mono Framework (1), Network Watcher Agent Virtual Machine Extension for Linux (1), Nokia Asha 501 (1), NuGet (3), ODBC Driver (20), ODBC Driver for SQL Server (5), OLE DB (1), OLE DB Driver (29), OLE DB Driver for SQL Server (1), Office (467), Office 365 (4), Office 365 ProPlus (1), Office App (1), Office Compability Pack (1), Office Compatibility Pack (8), Office Excel (4), Office LTSC (4), Office Online Server (11), OfficePLUS (1), Office Picture Manager (1), Office Web Apps (10), Office Web Apps Server (8), Office for Mac 2011 (1), On-Prem Data Gateway (1), On-Premises Data Gateway (1), OneDrive (13), OneNote (7), Open Enclave SDK (3), Open Management Infrastructure (2), Operations (2), Operations Management Suite Agent (1), Outlook (60), Outlook.com (1), Outlook Web App (1), Package Manager Configurations (1), Paint 3D (6), PandocUpload (1), Passport-SAML (1), Photos (1), Power Apps (2), Power Automate (1), Power Automate for Desktop (1), Power BI (1), PowerBI-Client JS SDK (1), PowerBI-client JS SDK (1), Power BI Report Server (6), Power Platform (3), PowerPoint (24), PowerPoint Viewer (1), PowerShell (2), PowerShell Core (1), PowerShell Editor Services (1), PowerShell Extension for Visual Studio Code (1), PowerShellGet (1), Powerpoint (1), Print 3D (1), Printer Metadata Troubleshooter Tool (1), Process Explorer (1), Project (4), Project Server (3), Publisher (16), Publisher 2003 (9), Python Extension for Visual Studio Code (1), Quantum Development Kit for Visual Studio Code (1), RMS Sharing for Mac (1), RTOS GUIX (3), Raw Image Extension (14), Remote Desktop (1), Remote Desktop Connection Client (1), Remote Desktop Connection Manager (1), Remote Desktop For Mac (1), Research JavaScript Cryptography Library (2), Rome SDK (2), SCS Add-on (1), SQL Server (129), SQL Server 2017 Reporting Services (1), SQL Server 2019 Reporting Services (1), SQL Server Backend for Django (1), SQL Server Management Studio (6), Security Essentials (9), Security Essentials Antimalware Engine (2), Send Customer Voice survey from Dynamics 365 (1), Send Customer Voice survey from Dynamics 365 App (1), Service Fabric (1), SharePoint (63), SharePoint Enterprise Server (132), SharePoint Foundation (62), SharePoint Server (215), Sharepoint (6), Silverlight (16), Skype (15), Skype Extension (1), Skype for Android (1), Skype for Business (15), Skype for Business Server (14), Skype for Consumer (1), Snip & Sketch (1), Snipping Tool (1), Software for Open Networking in the Cloud (1), Sterling Connect Direct (1), Surface Hub (1), Surface Pro (1), SysInternals Sysmon (1), Sysinternals Process Monitor (1), Sysinternals PsExec (1), System Center (1), System Center Endpoint Protection (8), System Center Operations Manager (10), System Center Virtual Machine Manager (1), Systems Management Server (1), Team Foundation Server (23), Teams (11), Teams Admin Center (1), Tech Companion (1), VBScript (1), VP9 Video Extensions (7), Virtual PC (1), Visio (18), Visio Viewer (6), Visual C++ (1), Visual C++ Redistributable (1), Visual Studio (150), Visual Studio Code (45), Visual Studio Code Live Share Extension (1), Visual Studio Code Remote Containers Extension (1), Visual Studio Code WSL Extension (1), Visual Studio Community (1), Visual Studio Team Foundation Server (1), WMI Administrative Tools (1), Web Media Extensions (1), WebP Image Extension (1), Windows (5065), Windows 10 Update Assistant (2), Windows Admin Center (2), Windows App Installer (1), Windows Azure Sdk (1), Windows Defender (9), Windows Defender Antimalware Platform (2), Windows Embedded (1), Windows Essentials (1), Windows Host Compute (1), Windows Live Movie Maker (1), Windows Live OneCare (1), Windows Media Center (2), Windows Media Center TV Pack (1), Windows Media Encoder (1), Windows Media Player (5), Windows Modern Mail (1), Windows Movie Maker (2), Windows Phone (2), Windows Server (1), Windows Subsystem for Linux (1), Windows Sysmon (1), Windows Upgrade Assistant (1), Wireless Desktop 2000 (1), Wireless Display Adapter V2 (1), Wireless Keyboard (1), Word (92), Word 2003 (1), WordPad (1), Word Viewer (3), Works (1), XML Core Services (5), Xamarin.Forms (1), Xbox Gaming Services (1), Xbox Live (1), Xerte (1), YARP (2), Yammer (1), YourPhone App (1), az functionapp config appsettings delete (1), az functionapp config appsettings set (1), az logicapp config appsettings delete (1), az logicapp config appsettings set (1), az staticwebapp appsettings delete (1), az staticwebapp appsettings set (1), az webapp config appsettings delete (1), az webapp config appsettings set (1), msgraph-sdk-php (1), msgraph-sdk-php-core (1), typed-rest-client (1), workspace-tools (1)

Link to Vendor Website: https://www.microsoft.com/

公開済みBaseTemp脆弱性Prod悪用可修復EPSSCTICVE
2024年09月20日4.34.2Microsoft Edge クロスサイトスクリプティングWeb BrowserNot DefinedOfficial Fix0.000460.00CVE-2024-38221
2024年09月20日6.46.2Microsoft Edge メモリ破損Web BrowserNot DefinedOfficial Fix0.000870.11CVE-2024-43496
2024年09月20日6.46.2Microsoft Edge 特権昇格Web BrowserNot DefinedOfficial Fix0.000480.08CVE-2024-43489
2024年09月19日7.06.9Microsoft Office Visio 特権昇格Office Suite SoftwareNot DefinedOfficial Fix0.000530.08CVE-2024-38016
2024年09月17日6.76.7Microsoft Dynamics 365 Business Central Online 特権昇格未知Not DefinedNot Defined0.000460.07CVE-2024-43460
2024年09月17日7.57.5Microsoft GroupMe 特権昇格未知Not DefinedNot Defined0.000910.04CVE-2024-38183
2024年09月12日5.35.2Microsoft High Definition Audio Bus Driver IRP HDAudBus_DMA サービス拒否Hardware Driver SoftwareNot DefinedNot Defined0.000470.14CVE-2024-45383
2024年09月10日7.06.4Microsoft Windows libarchive メモリ破損Operating SystemUnprovenOfficial Fix0.000530.07CVE-2024-43495
2024年09月10日7.87.1Microsoft AutoUpdate 特権昇格未知UnprovenOfficial Fix0.000480.08CVE-2024-43492
2024年09月10日9.89.2Microsoft Windows Update メモリ破損Operating SystemHighOfficial Fix0.023210.34CVE-2024-43491
2024年09月10日5.85.5Microsoft Windows Mark of the Web 特権昇格Operating SystemFunctionalOfficial Fix0.000910.11CVE-2024-43487
2024年09月10日5.85.3Microsoft Outlook 情報の漏洩Groupware SoftwareUnprovenOfficial Fix0.000460.07CVE-2024-43482
2024年09月10日8.57.8Microsoft Power Automate for Desktop 特権昇格Automation SoftwareUnprovenOfficial Fix0.000460.06CVE-2024-43479
2024年09月10日6.25.8Microsoft Dynamics 365 クロスサイトスクリプティング未知UnprovenOfficial Fix0.000490.04CVE-2024-43476
2024年09月10日7.06.4Microsoft Windows Admin Center Privilege EscalationOperating SystemUnprovenOfficial Fix0.000420.05CVE-2024-43475
2024年09月10日6.96.0Microsoft SQL Server メモリ破損Database SoftwareUnprovenOfficial Fix0.000480.00CVE-2024-43474
2024年09月10日7.56.8Microsoft Azure Network Watcher VM Agent 特権昇格Cloud SoftwareUnprovenOfficial Fix0.000530.04CVE-2024-43470
2024年09月10日8.88.1Microsoft Azure CycleCloud 特権昇格Cloud SoftwareUnprovenOfficial Fix0.001120.09CVE-2024-43469
2024年09月10日7.56.8Microsoft Windows Remote Desktop Licensing Service 競合状態Operating SystemUnprovenOfficial Fix0.000460.04CVE-2024-43467
2024年09月10日6.76.3Microsoft SharePoint Server 特権昇格Groupware SoftwareUnprovenOfficial Fix0.000630.04CVE-2024-43466
2024年09月10日7.36.7Microsoft Excel メモリ破損Spreadsheet SoftwareUnprovenOfficial Fix0.000500.03CVE-2024-43465
2024年09月10日7.26.6Microsoft SharePoint Server 特権昇格Groupware SoftwareUnprovenOfficial Fix0.000460.00CVE-2024-43464
2024年09月10日7.47.0Microsoft Visio メモリ破損Image Processing SoftwareUnprovenOfficial Fix0.000500.03CVE-2024-43463
2024年09月10日8.07.5Microsoft Windows MSHTML Platform 特権昇格Operating SystemHighOfficial Fix0.162390.04CVE-2024-43461
2024年09月10日7.06.6Microsoft Windows Networking 情報の漏洩Operating SystemUnprovenOfficial Fix0.000870.03CVE-2024-43458
2024年09月10日7.87.1Microsoft Windows Setup/Deployment 特権昇格Operating SystemUnprovenOfficial Fix0.000480.03CVE-2024-43457
2024年09月10日9.08.5Microsoft Windows Remote Desktop Licensing Service 特権昇格Operating SystemUnprovenOfficial Fix0.001240.31CVE-2024-43455
2024年09月10日6.56.0Microsoft Windows Remote Desktop Licensing Service ディレクトリトラバーサルOperating SystemUnprovenOfficial Fix0.000500.04CVE-2024-43454
2024年09月10日7.56.8Microsoft Windows Remote Desktop Licensing Service Privilege EscalationOperating SystemUnprovenOfficial Fix0.000460.08CVE-2024-38263
2024年09月10日8.88.1Microsoft Windows Remote Desktop Licensing Service Privilege EscalationOperating SystemUnprovenOfficial Fix0.000630.08CVE-2024-38260
2024年09月10日8.88.1Microsoft Windows Management Console メモリ破損Operating SystemUnprovenOfficial Fix0.001330.34CVE-2024-38259
2024年09月10日6.25.9Microsoft Windows Remote Desktop Licensing Service ディレクトリトラバーサルOperating SystemUnprovenOfficial Fix0.000990.08CVE-2024-38258
2024年09月10日6.86.2Microsoft Windows AllJoyn API 情報の漏洩Operating SystemUnprovenOfficial Fix0.001370.07CVE-2024-38257
2024年09月10日4.84.4Microsoft Windows Kernel-Mode Driver 情報の漏洩Operating SystemUnprovenOfficial Fix0.000480.03CVE-2024-38256
2024年09月10日5.14.8Microsoft Windows Authentication 情報の漏洩Operating SystemUnprovenOfficial Fix0.000500.06CVE-2024-38254
2024年09月10日7.87.1Microsoft Windows Win32 Kernel Subsystem メモリ破損Operating SystemUnprovenOfficial Fix0.000590.05CVE-2024-38253
2024年09月10日7.87.1Microsoft Windows Win32 Kernel Subsystem メモリ破損Operating SystemUnprovenOfficial Fix0.000590.04CVE-2024-38252
2024年09月10日7.87.1Microsoft Windows Graphics Local Privilege EscalationOperating SystemUnprovenOfficial Fix0.000480.19CVE-2024-38250
2024年09月10日7.87.1Microsoft Windows Graphics メモリ破損Operating SystemUnprovenOfficial Fix0.000590.03CVE-2024-38249
2024年09月10日7.06.5Microsoft Windows Storage メモリ破損Operating SystemProof-of-ConceptOfficial Fix0.000590.03CVE-2024-38248
2024年09月10日7.87.1Microsoft Windows Graphics メモリ破損Operating SystemUnprovenOfficial Fix0.000480.03CVE-2024-38247
2024年09月10日7.06.4Microsoft Windows Win32k メモリ破損Operating SystemUnprovenOfficial Fix0.000480.04CVE-2024-38246
2024年09月10日7.87.1Microsoft Windows Kernel Streaming Service Driver 特権昇格Operating SystemUnprovenOfficial Fix0.000480.03CVE-2024-38245
2024年09月10日7.87.1Microsoft Windows Kernel Streaming Service Driver 特権昇格Operating SystemUnprovenOfficial Fix0.000480.07CVE-2024-38244
2024年09月10日7.87.1Microsoft Windows Kernel Streaming Service Driver 特権昇格Operating SystemUnprovenOfficial Fix0.000480.03CVE-2024-38243
2024年09月10日7.87.1Microsoft Windows Kernel Streaming Service Driver メモリ破損Operating SystemUnprovenOfficial Fix0.000480.03CVE-2024-38242
2024年09月10日7.87.1Microsoft Windows Kernel Streaming Service Driver 特権昇格Operating SystemUnprovenOfficial Fix0.000480.03CVE-2024-38241
2024年09月10日8.58.0Microsoft Windows Remote Access Connection Manager 情報の漏洩Operating SystemUnprovenOfficial Fix0.001430.03CVE-2024-38240
2024年09月10日7.26.6Microsoft Windows Kerberos Privilege EscalationOperating SystemUnprovenOfficial Fix0.000460.07CVE-2024-38239
2024年09月10日7.87.1Microsoft Windows Kernel Streaming Service Driver メモリ破損Operating SystemUnprovenOfficial Fix0.000480.03CVE-2024-38238

9950 非表示のエントリあり

Want to stay up to date on a daily basis?

Enable the mail alert feature now!