According to the Zero Day Initiative, the update marks the largest number of CVEs addressed in a single month since at least 2017.
An attacker who successfully exploited this vulnerability could gain SYSTEM privileges, which can be detrimental to system security.
Given that they are privilege escalation bugs, they are very likely used as part of post-compromise activity, where an attacker has already gained access.
The Virtualization Service Provider (VSP) resides in the root partition of a Hyper-V instance, which supports synthetic device communication between partitions.
Collection
[
|
...
]