https://www.zscaler.com/de/security-advisories/feeds Zscaler Security Advisories identify and provide security vulnerabilities along with their criticality ratings. Sat, 17 May 2025 10:58:23 GMT https://validator.w3.org/feed/docs/rss2.html RSS 2.0, JSON Feed 1.0, and Atom 1.0 generator for Node.js de https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-may-2025 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-may-2025 Tue, 13 May 2025 23:50:55 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the May 2025 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary.CVE-2025-30388 – Windows Graphics Component Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsMicrosoft Office LTSC for Mac 2024Microsoft Office for UniversalMicrosoft Office for AndroidMicrosoft Office LTSC for Mac 2021CVE-2025-30377 – Microsoft Office Remote Code Execution VulnerabilitySeverity: CriticalSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft Office 2019 for 32-bit editionsMicrosoft Office 2016 (64-bit edition)Microsoft Office 2016 (32-bit edition)Microsoft Office LTSC for Mac 2024Microsoft Office LTSC 2024 for 64-bit editionsMicrosoft Office LTSC 2024 for 32-bit editionsMicrosoft Office for AndroidMicrosoft Office LTSC 2021 for 32-bit editionsMicrosoft Office LTSC 2021 for 64-bit editionsMicrosoft Office LTSC for Mac 2021Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2019 for 64-bit editionsCVE-2025-30386 – Microsoft Office Remote Code Execution VulnerabilitySeverity: CriticalSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft Office 2016 (64-bit edition)Microsoft Office 2016 (32-bit edition)Microsoft Office LTSC for Mac 2024Microsoft Office LTSC 2024 for 64-bit editionsMicrosoft Office LTSC 2024 for 32-bit editionsMicrosoft Office for AndroidMicrosoft Office LTSC 2021 for 32-bit editionsMicrosoft Office LTSC 2021 for 64-bit editionsMicrosoft Office LTSC for Mac 2021Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for 32-bit editions mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-april-2025 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-april-2025 Tue, 08 Apr 2025 20:25:05 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the April 2025 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary.CVE-2025-27472 – Windows Mark of the Web Security Feature Bypass VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows 10 for x64-based SystemsWindows 10 for 32-bit SystemsCVE-2025-29812 – DirectX Graphics Kernel Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022CVE-2025-29809 – Windows Kerberos Security Feature Bypass VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows 11 Version 23H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2016CVE-2025-27482 – Windows Remote Desktop Services Remote Code Execution VulnerabilitySeverity: CriticalSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2025 mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-9-new-vulnerabilities-for-adobe-march-2025 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-9-new-vulnerabilities-for-adobe-march-2025 Tue, 11 Mar 2025 22:17:09 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 9 vulnerability included in the March 2025 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections, as necessary.APSB25-14 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Affected SoftwareAcrobat DC Continuous 25.001.20428 and earlier versions for Windows & macOSAcrobat Reader DC Continuous 25.001.20428 and earlier versions for Windows & macOSAcrobat 2024 Classic 2024 24.001.30225 and earlier versions for Windows & macOSAcrobat 2020 Classic 2020 20.005.30748 and earlier versions for Windows & macOSAcrobat Reader 2020 Classic 2020 20.005.30748 and earlier versions for Windows & macOSCVE-2025-27174 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27158 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27159 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27160 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27161 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27162 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-24431 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: ImportantSubscription RequiredAdvanced Threat Protection CVE-2025-27163 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: ImportantSubscription RequiredAdvanced Threat Protection CVE-2025-27164 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: ImportantSubscription RequiredAdvanced Threat Protection mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-march-2025 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-march-2025 Tue, 11 Mar 2025 22:10:35 GMT CVE-2025-24067 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2025-24993 – Windows NTFS Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)CVE-2025-24066 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2025-24985 – Windows Fast FAT File System Driver Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-february-2025 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-february-2025 Tue, 11 Feb 2025 21:39:14 GMT CVE-2025-21414 – Windows Core Messaging Elevation of Privileges VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2025-21358 – Windows Core Messaging Elevation of Privileges VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for x64-based SystemsWindows Server 2016 (Server Core installation)Windows 11 Version 24H2 for ARM64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2025-21400 – Microsoft SharePoint Server Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft SharePoint Server Subscription EditionMicrosoft SharePoint Server 2019Microsoft SharePoint Enterprise Server 2016CVE-2025-21184 – Windows Core Messaging Elevation of Privileges VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-january-2025 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-january-2025 Tue, 14 Jan 2025 21:18:31 GMT CVE-2025-21354 – Microsoft Excel Remote Code Execution VulnerabilitySeverity: CriticalSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareMicrosoft Office LTSC for Mac 2024Microsoft Office LTSC 2024 for 64-bit editionsMicrosoft Office LTSC 2024 for 32-bit editionsMicrosoft Office LTSC 2021 for 32-bit editionsMicrosoft Office LTSC 2021 for 64-bit editionsMicrosoft Office LTSC for Mac 2021Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for 32-bit editionsOffice Online ServerCVE-2025-21315 – Microsoft Brokering File System Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows Server 2025 mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-december-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-december-2024 Tue, 10 Dec 2024 21:54:21 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the December 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary.CVE-2024-49138 – Windows Common Log File System Driver Elevation of Privilege VulnerabilitySeverity: ModerateSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-49114 – Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2025 (Server Core installation)Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-49090 – Windows Common Log File System Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2025 (Server Core installation)Windows Server 2025 mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-adobe-december-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-adobe-december-2024 Tue, 10 Dec 2024 21:48:41 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerability included in the December 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary.APSB24-92 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, memory leak and application denial-of-service. Affected SoftwareAcrobat DC Continuous 24.005.20307 and earlier versions for Windows & macOSAcrobat Reader DC Continuous 24.005.20307 and earlier versions for Windows & macOSAcrobat 2024 Classic 2024 24.001.30213 and earlier versions for Windows & 24.001.30193 and earlier versions for macOSAcrobat 2020 Classic 2020 20.005.30730 and earlier versions for Windows & 20.005.30710 and earlier versions for macOSAcrobat Reader 2020 Classic 2020 20.005.30730 and earlier versions for Windows & 20.005.30710 and earlier versions for macOSCVE-2024-49530 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49531 – NULL Pointer Dereference vulnerability leading to Application denial-of-service. Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49532 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49533 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49534 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49535 – Improper Restriction of XML External Entity Reference (‘XXE’) vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-november-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-november-2024 Tue, 12 Nov 2024 22:17:51 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the November 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary.CVE-2024-49033 – Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilitySeverity: ModerateSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft Edge (Chromium-based)CVE-2024-43630 – Windows Kernel Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 10 Version 21H2 for x64-based Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-october-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-october-2024 Tue, 08 Oct 2024 20:44:27 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the October 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary.CVE-2024-43573 – Windows MSHTML Platform Spoofing VulnerabilitySeverity: ModerateSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows 11 Version 23H2 for x64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows Server 2022Windows 10 Version 22H2 for ARM64-based SystemsWindows Server 2012 R2Windows Server 2016 (Server Core installation)Windows 10 Version 1607 for 32-bit SystemsWindows Server 2012 R2 (Server Core installation)Windows 10 for x64-based SystemsWindows 10 Version 1607 for x64-based SystemsWindows Server 2016Windows 10 for 32-bit SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows 11 Version 24H2 for x64-based SystemsWindows Server 2019 (Server Core installation)Windows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2019Windows 10 Version 21H2 for ARM64-based SystemsWindows Server 2022 (Server Core installation)Windows 10 Version 21H2 for x64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsCVE-2024-43572 – Microsoft Management Console Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-43560 – Microsoft Windows Storage Port Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-43502– Windows Kernel Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-windows-september-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-windows-september-2024 Tue, 10 Sep 2024 21:49:28 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the September 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary.CVE-2024-38242 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38243 – Kernel Streaming Service Driver Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38244 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38245– Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38237 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019CVE-2024-38238 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-1-new-vulnerabilities-for-adobe-september-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-1-new-vulnerabilities-for-adobe-september-2024 Tue, 10 Sep 2024 21:38:25 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 1 vulnerability included in the September 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary.APSB24-70 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical vulnerabilities. Successful exploitation could lead to arbitrary code execution. Affected SoftwareAcrobat DC Continuous 24.003.20054 and earlier versions for Windows & 24.002.21005 and earlier for macOSAcrobat Reader DC Continuous 24.003.20054 and earlier versions for Windows & 24.002.21005 and earlier for macOSAcrobat 2024 Classic 2024 24.001.30159 and earlier versions for Windows & macOSAcrobat 2020 Classic 2020 20.005.30655 and earlier versions for Windows & 20.005.30655 and earlier versions for macOSAcrobat Reader 2020 Classic 2020 20.005.30655 and earlier versions for Windows & 20.005.30655 and earlier versions for macOSCVE-2024-41869 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-11-new-vulnerabilities-for-adobe-august-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-11-new-vulnerabilities-for-adobe-august-2024 Tue, 13 Aug 2024 21:15:58 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 11 vulnerabilities included in the August 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary.APSB24-57 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation and memory leak. Affected SoftwareAcrobat DC Continuous 24.002.20991 and earlier versions for Windows & 24.002.20964 and earlier for macOSAcrobat Reader DC Continuous 24.002.20991 and earlier versions for Windows & 24.002.20964 and earlier for macOSAcrobat 2024 Classic 2024 24.001.30123 and earlier versions for Windows & macOSAcrobat 2020 Classic 2020 20.005.30636 and earlier versions for Windows & 20.005.30635 and earlier versions for macOSAcrobat Reader 2020 Classic 2020 20.005.30636 and earlier versions for Windows & 20.005.30635 and earlier versions for macOSCVE-2024-39383 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-39422 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-39423 – Out-of-bounds Write vulnerability leading to Arbitrary code execution.Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-39424 – Use After Free vulnerability leading to Arbitrary code execution.Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-39426 – Access of Memory Location After End of Buffer vulnerability leading to Arbitrary code Execution.Severity: CriticalSubscription RequiredAdvanced Threat Protection Advanced Cloud Sandbox CVE-2024-41830 – Use After Free vulnerability leading to Arbitrary code execution.Severity: CriticalSubscription RequiredAdvanced Threat Protection Advanced Cloud Sandbox CVE-2024-41831 – Use After Free vulnerability leading to Arbitrary Code Execution.Severity: CriticalSubscription RequiredAdvanced Threat Protection Advanced Cloud Sandbox CVE-2024-41832 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-41833 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-41834 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-41835 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-8-new-vulnerabilities-for-windows-august-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-8-new-vulnerabilities-for-windows-august-2024 Tue, 13 Aug 2024 21:10:27 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 8 vulnerabilities included in the August 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary.CVE-2024-38141 – Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38141Affected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsCVE-2024-38144 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionZscaler Threatname : Win64.Exploit.CVE-2024-38144Affected SoftwareWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38147 – Microsoft DWM Core Library Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionZscaler Threatname : Win64.Exploit.CVE-2024-38147Affected SoftwareWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022CVE-2024-38150– Windows DWM Core Library Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38150Affected SoftwareWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022CVE-2024-38178 – Scripting Engine Memory Corruption VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionZscaler Threatname : HTML.Exploit.CVE-2024-38178Affected SoftwareWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsCVE-2024-38193 – Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38193Affected SoftwareWindows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsCVE-2024-38196 – Windows Common Log File System Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38196Affected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsCVE-2024-38106 – Windows Kernel Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38106Affected SoftwareWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-july-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-july-2024 Tue, 09 Jul 2024 19:56:48 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the July 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary.CVE-2024-38021 – Microsoft Office Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft Office 2016 (64-bit edition)Microsoft Office 2016 (32-bit edition)Microsoft Office LTSC 2021 for 32-bit editionsMicrosoft Office LTSC 2021 for 64-bit editionsMicrosoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for 32-bit editionsCVE-2024-38052 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsCVE-2024-38054 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38059 – Win32k Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022CVE-2024-38085 – Windows Graphics Component Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-june-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-june-2024 Wed, 12 Jun 2024 00:16:23 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the June 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary.CVE-2024-30089 – Microsoft Streaming Service Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30084 – Windows Kernel-Mode Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30091 – Win32k Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-35250 – Windows Kernel-Mode Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30080 – Microsoft Message Queuing (MSMQ) Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-adobe-may-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-adobe-may-2024 Tue, 14 May 2024 23:43:09 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the May 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary.APSB24-29 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software:Acrobat DC Continuous 24.002.20736 and earlier versions for WindowsAcrobat Reader DC Continuous 24.002.20736 and earlier versions for WindowsAcrobat 2020 Classic 2020 20.005.30574 and earlier versions for WindowsAcrobat Reader 2020 Classic 20.005.30574 and earlier versions for WindowsCVE-2024-30284 – Use After Free vulnerability leading to Arbitrary code execution.Severity: CriticalSubscriptions RequiredAdvanced Threat ProtectionCVE-2024-30310 – Out-of-bounds Write vulnerability leading to Arbitrary code execution.Severity: CriticalSubscriptions RequiredAdvanced Threat ProtectionCVE-2024-30311 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: CriticalSubscriptions RequiredAdvanced Threat ProtectionCVE-2024-30312 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscriptions RequiredAdvanced Threat Protection mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-windows-may-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-windows-may-2024 Tue, 14 May 2024 23:18:31 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 7 vulnerabilities included in the May 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary.CVE-2024-29996 – Windows Common Log File System Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30025 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30032 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-30034 – Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-30035 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-30037 – Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareSubscriptions RequiredWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-30044 – Microsoft SharePoint Server Remote Code Execution Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft SharePoint Server Subscription EditionMicrosoft SharePoint Server 2019Microsoft SharePoint Enterprise Server 2016 mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-april-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-april-2024 Tue, 09 Apr 2024 23:52:02 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the April 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary.CVE-2024-26212 – DHCP Server Service Denial of Service VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2 CVE-2024-26209 – Microsoft Local Security Authority Subsystem Service Information Disclosure VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)CVE-2024-26234 – Proxy Driver Spoofing VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-26211 – Windows Remote Access Connection Manager Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-march-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-march-2024 Tue, 12 Mar 2024 23:40:56 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the March 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections, as necessary.CVE-2024-21433 – Windows Print Spooler Elevation of Privilege VulnerabilitySeverity: ImportantAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-21437 – Windows Graphics Component Elevation of Privilege VulnerabilitySeverity: ImportantAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-26182 – Windows Kernel Elevation of Privilege VulnerabilitySeverity: ImportantAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-26160 – Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Severity: ImportantAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-february-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-february-2024 Tue, 13 Feb 2024 22:45:10 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the February 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. CVE-2024-21338 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2024-21371 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-13-new-vulnerabilities-for-adobe-february-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-13-new-vulnerabilities-for-adobe-february-2024 Tue, 13 Feb 2024 22:42:41 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 13 vulnerabilities included in the February 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. APSB24-07 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software Acrobat DC Continuous 23.008.20470 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.008.20470 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30539 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30539 and earlier versions for Windows & macOS CVE-2024-20726 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20727 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20728 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20729 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Important CVE-2024-20730 – Integer Overflow or Wraparound vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20731 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20733 – Improper Input Validation vulnerability leading to Application denial-of-service. Severity: Important CVE-2024-20734 – Use After Free vulnerability leading to Memory leak. Severity: Important CVE-2024-20735 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2024-20736 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2024-20747 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2024-20748 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2024-20749 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-january-2024 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-january-2024 Tue, 09 Jan 2024 18:37:58 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the January 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. CVE-2024-21307 – Remote Desktop Client Remote Code Execution Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2024-20698 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2024-21310 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2024-20653 – Microsoft Common Log File System Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-december-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-december-2023 Tue, 12 Dec 2023 20:32:13 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the December 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary. CVE-2023-35633 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows 10 for x64-based Systems Windows 10 for 32-bit Systems CVE-2023-35644 – Windows Sysmain Service Elevation of Privilege Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64based Systems Windows 11 Version 23H2 for ARM64based Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-36005 – Windows Telephony Server Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64based Systems Windows 11 Version 23H2 for ARM64based Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-36391 – Local Security Authority Subsystem Service Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 Version 23H2 for x64based Systems Windows 11 Version 23H2 for ARM64based Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-17-new-vulnerabilities-for-adobe-november-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-17-new-vulnerabilities-for-adobe-november-2023 Wed, 15 Nov 2023 01:17:42 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 17 vulnerabilities included in the November 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary. APSB23-54 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software Acrobat DC Continuous 23.006.20380 (Win), 23.006.20380 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.006.20380 (Win), 23.006.20380 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30539 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30539 and earlier versions for Windows & macOS CVE-2023-44336 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44337 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44338 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44359 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44365 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44366 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44367 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44371 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44372 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44339 – Out-of-bounds Read leading to Memory leak. Severity: Important CVE-2023-44340 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44348 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44356 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44357– Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44358 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44360 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44361 – Use After Free vulnerability leading to Memory leak. Severity: Moderate mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-windows-november-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-windows-november-2023 Wed, 15 Nov 2023 01:12:46 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the November 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary. CVE-2023-36033 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36036 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36394 – Windows Search Service Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36399 – Windows Storage Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2022, 23H2 Edition (Server Core installation) CVE-2023-36424 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems CVE-2023-36017 – Windows Scripting Engine Memory Corruption Vulnerability Severity: Important Affected Software Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-windows-october-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-windows-october-2023 Wed, 11 Oct 2023 00:08:59 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 7 vulnerabilities included in the October 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary CVE-2023-38159 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36776 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-41772 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36743 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36594 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36713 – Windows Common Log File System Driver Information Disclosure Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36731 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-1-new-vulnerability-for-adobe-september-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-1-new-vulnerability-for-adobe-september-2023 Tue, 12 Sep 2023 23:46:21 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 1 vulnerability included in the September 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. APSB23-34 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution. Affected Software Acrobat DC Continuous 23.003.20284 (Win), 23.003.20284 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.003.20244 (Win), 23.003.20284 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30516 (Mac), 20.005.30514 (Win) and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 2020 20.005.30516 (Mac), 20.005.30514 (Win) and earlier versions for Windows & macOS CVE-2023-26369 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-windows-september-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-windows-september-2023 Tue, 12 Sep 2023 23:43:07 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the September 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. CVE-2023-38144 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-36802 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-38143 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-26-new-vulnerabilities-for-adobe-august-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-26-new-vulnerabilities-for-adobe-august-2023 Wed, 09 Aug 2023 07:01:45 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 26 vulnerabilities included in the August 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. APSB23-30 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software Acrobat DC Continuous 23.003.20244 (Win), 23.003.20244 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.003.20244 (Win), 23.003.20244 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30467 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30467 and earlier versions for Windows & macOS CVE-2023-38235 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Critical CVE-2023-38236 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38237 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38238 – Use After Free vulnerability leading to Memory leak. Severity: Moderate CVE-2023-38240 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38239 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38241 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38234 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38242 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38233 – Out-of-bounds write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38244 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38247 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-38248 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-38232 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Critical CVE-2023-38231 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38230 – Use After Free vulnerability leading to Memory Leak. Severity: Critical CVE-2023-38229 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Critical CVE-2023-29303 – Use After Free vulnerability leading to Memory leak. Severity: Important CVE-2023-38222 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38228 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38227 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38226 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38225 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38224 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38246 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38223 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-august-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-august-2023 Wed, 09 Aug 2023 06:56:29 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the August 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. CVE-2023-35384 – Windows HTML Platforms Security Feature Bypass Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36900 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-july-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-july-2023 Tue, 11 Jul 2023 18:56:41 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the July 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary. CVE-2023-33157 – Microsoft SharePoint Remote Code Execution Vulnerability Severity: Critical Affected Software Microsoft SharePoint Server Subscription Edition Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 CVE-2023-35311 – Microsoft Outlook Security Feature Bypass Vulnerability Severity: Important Affected Software Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office LTSC 2021 for 32-bit editions Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 (64-bit editions) Microsoft Outlook 2013 (32-bit editions) Microsoft Outlook 2016 (64-bit edition) Microsoft Office 2019 for 64-bit editions Microsoft Outlook 2016 (32-bit edition) Microsoft Office 2019 for 32-bit editions Microsoft Office LTSC 2021 for 64-bit editions mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-windows-june-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-windows-june-2023 Tue, 13 Jun 2023 22:15:00 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the June 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary. CVE-2023-29360 – Windows TPM Device Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 CVE-2023-29358 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems CVE-2023-29357 – Microsoft SharePoint Server Elevation of Privilege Vulnerability Severity: Critical Affected Software Microsoft SharePoint Server 2019 CVE-2023-28310 – Microsoft Exchange Server Remote Code Execution Vulnerability Severity: Important Affected Software Microsoft Exchange Server 2019 Cumulative Update 13 Microsoft Exchange Server 2019 Cumulative Update 12 Microsoft Exchange Server 2016 Cumulative Update 23 CVE-2023-29361 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 CVE-2023-29371 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-14-new-vulnerabilities-for-adobe-april-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-14-new-vulnerabilities-for-adobe-april-2023 Tue, 11 Apr 2023 22:58:30 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 14 vulnerabilities included in the April 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary. APSB23-24 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software Acrobat DC Continuous 23.001.200932 (Win), 23.001.200932 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.001.200932 (Win), 23.001.200932 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30441 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30441 and earlier versions for Windows & macOS CVE-2023-26420 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26419 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26418 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26417 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26395 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26421 – Integer Underflow vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26422 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26423 – Use after free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26424 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26425 – Out-of-bounds write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26397 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-26405 – Improper Input validation vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26406 – Improper Access Control leading to Security Feature Bypass Severity: Critical CVE-2023-26408 – Improper Access Control vulnerability leading to Security Feature bypass. Severity: Important mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-april-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-april-2023 Tue, 11 Apr 2023 22:45:59 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the April 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary. CVE-2023-28274 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-28285 – Windows Graphics Component Remote Code Execution Vulnerability Severity: Important Affected Software Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Office 2019 for Mac CVE-2023-24912 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-28218 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-28220 – Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-march-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-march-2023 Tue, 14 Mar 2023 22:22:52 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the March 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections, as necessary. CVE-2023-24880 – Windows SmartScreen Security Feature Bypass Vulnerability Severity: Moderate Affected Software Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems CVE-2023-23410 – Windows HTTP.sys Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-february-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-february-2023 Wed, 15 Feb 2023 00:01:32 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the February 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. CVE-2023-23376 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-21823 – Windows Graphics Component Remote Code Execution Vulnerability Severity: Important Affected Software Windows Microsoft Office for Android Microsoft Office for iOS Microsoft Office for Universal Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation) mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-15-new-vulnerabilities-for-adobe-january-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-15-new-vulnerabilities-for-adobe-january-2023 Wed, 11 Jan 2023 01:11:39 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 15 vulnerabilities included in the January 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. APSB23-01 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to denial-of-service, arbitrary code execution, privilege escalation and memory leak. Affected Software Acrobat DC Continuous 22.003.20282 (Win), 22.003.20281 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 22.003.20282 (Win), 22.003.20281 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30418 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30418 and earlier versions for Windows & macOS CVE-2023-21579 – Integer Overflow or Wraparound vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21581 – Out-of-bounds Read vulnerability leading to memory leak Severity: Important CVE-2023-21585 – Out-of-bounds Read vulnerability leading to memory leak Severity: Important CVE-2023-21586 – NULL Pointer Dereference vulnerability leading to Application denial of service Severity: Important CVE-2023-21604 – Stack-based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21605 – Heap-based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21606 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21607 – Improper Input Validation vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21608 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21609 – Out-of-bounds write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21610 – Stack-based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21611 – Violation of Secure Design Principles leading to Privilege escalation Severity: Important CVE-2023-21612 – Violation of Secure Design Principles leading to Privilege escalation Severity: Important CVE-2023-21613 – Out-of-bounds Read vulnerability leading to memory leak Severity: Important CVE-2022-35691 – Out-of-bounds Read vulnerability leading to memory leak Severity: Important mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-january-2023 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-january-2023 Wed, 11 Jan 2023 01:04:41 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the January 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. CVE-2023-21674 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Severity: Important Affected Software Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-21552 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-december-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-december-2022 Tue, 13 Dec 2022 20:44:07 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the December 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary. CVE-2022-44675 – Windows Bluetooth Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Datacenter: Azure Edition Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-44698 – Windows Win32k Elevation of Privilege Vulnerability Severity: Moderate Affected Software Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Datacenter: Azure Edition Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-november-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-november-2022 Tue, 08 Nov 2022 23:59:49 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the November 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary. CVE-2022-41113 – Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Datacenter: Azure Edition (Hotpatch) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-41109 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Datacenter: Azure Edition (Hotpatch) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems CVE-2022-41096 – Microsoft DWM Core Library Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-adobe-october-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-adobe-october-2022 Tue, 11 Oct 2022 23:34:00 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 5 vulnerabilities included in the October 2022 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary. APSB22-46 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to application denial-of-service and memory leak. Affected Software Acrobat DC Continuous 22.002.20212 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 22.002.20212 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30381 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30381 and earlier versions for Windows & macOS CVE-2022-35691 – NULL Pointer Dereference vulnerability leading to Application denial-of-service Severity: Important CVE-2022-38437 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-38449 – Out-of-bounds Read vulnerability leading to Memory leak Severity: Important CVE-2022-38450 – Stack-Based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-42339 – Stack-Based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-october-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-october-2022 Tue, 11 Oct 2022 23:29:38 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the October 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary. CVE-2022-38051 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-37970 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Affected Software Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-38050 – Win32k Elevation of Privilege Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Affected Software Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-37989 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-38053 – Microsoft SharePoint Server Remote Code Execution Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Affected Software Windows Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server Subscription Edition Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-september-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-september-2022 Tue, 13 Sep 2022 19:20:18 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the September 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. CVE-2022-35803 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows RT 8.1 Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2016 Windows 10 Version 1607 for 32bit Systems Windows Server 2012 (Server Core installation) Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2012 R2 (Server Core installation) Windows 10 for 32bit Systems Windows 7 for x64based Systems Service Pack 1 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2019 Windows 10 Version 1607 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows 10 Version 1809 for x64based Systems Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows 7 for 32bit Systems Service Pack 1 Windows 10 Version 1809 for 32bit Systems Windows 10 for x64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows 10 Version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows 10 Version 20H2 for ARM64based Systems Windows 11 for ARM64based Systems Windows Server 2022 Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 1809 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 21H1 for 32bit Systems Windows Server 2022 Azure Edition Core Hotpatch Windows 10 Version 21H1 for x64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 10 Version 21H2 for ARM64based Systems CVE-2022-37957 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-34729 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-adobe-august-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-adobe-august-2022 Wed, 10 Aug 2022 06:03:42 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 7 vulnerabilities included in the August 2022 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. APSB22-39 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Affected Software Acrobat DC Continuous 22.001.20169 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 22.001.20169 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30362 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30362 and earlier versions for Windows & macOS Acrobat 2017 Classic 2017 17.012.30249 and earlier versions for Windows & macOS Acrobat Reader 2017 Classic 2017 17.012.30249 and earlier versions for Windows & macOS CVE-2022-35665 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-35666 – Improper Input Validation vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-35667 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-35668 – Improper Input Validation vulnerability leading to Memory leak Severity: Important CVE-2022-35670 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-35671 – Out-of-bounds read vulnerability leading to Memory leak Severity: Important CVE-2022-35678 – Out-of-bounds read vulnerability leading to Memory leak Severity: Important mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-august-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-august-2022 Wed, 10 Aug 2022 05:58:52 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the August 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. CVE-2022-35793 – Windows Print Spooler Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems CVE-2022-35750 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-34713 – Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-35755 – Windows Print Spooler Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-34699 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-20-new-vulnerabilities-for-adobe-july-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-20-new-vulnerabilities-for-adobe-july-2022 Tue, 12 Jul 2022 23:04:46 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 20 vulnerabilities included in the July 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary. APSB22-32 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Affected Software Acrobat DC Continuous 22.001.20142 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 22.001.20142 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30334 and earlier versions for Windows & 20.005.30331 for macOS Acrobat Reader 2020 Classic 20.005.30334 and earlier versions for Windows & 20.005.30331 for macOS Acrobat 2017 Classic 2017 17.012.30229 and earlier versions for Windows & 17.012.30227 for macOS Acrobat Reader 2017 Classic 2017 17.012.30229 and earlier versions for Windows & 17.012.30227 for macOS CVE-2022-34230 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34229 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34228 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34227 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34226 – Out-of-bounds Read vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34225 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34224 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34223 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34222 – Out-of-bounds Read vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34237 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-34239 – Out-of-bounds Read vulnerability leading to Memory leak Severity: Important CVE-2022-34236 – Out-of-bounds Read vulnerability leading to Memory leak Severity: Important CVE-2022-34221 – Access of Resource Using Incompatible Type ('Type Confusion') vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34234 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-34220 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34219 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34217 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34216 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34233 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-34215 – Out-of-bounds Read vulnerability leading to Arbitrary code execution Severity: Critical mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-july-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-july-2022 Tue, 12 Jul 2022 22:57:27 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the July 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary. CVE-2022-22047 – Windows CSRSS Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-30220 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-22034 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-30202 – Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-june-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-june-2022 Wed, 15 Jun 2022 00:46:12 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the June 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary. CVE-2022-30147 – Windows Installer Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-30160 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com) https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-may-2022 https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-may-2022 Tue, 10 May 2022 22:56:37 GMT Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the May 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary. CVE-2022-29104 – Windows Print Spooler Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-29142 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems CVE-2022-23279 – Windows ALPC Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems CVE-2022-23270 – Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems mapp-release@zscaler.com (mapp-release@zscaler.com)

This XML file does not appear to have any style information associated with it. The document tree is shown below.

<rss version="2.0">

<channel>

<title>Security Advisories | Cloud Security Solutions | Zscaler</title>

<link>https://www.zscaler.com/de/security-advisories/feeds</link>

<description>Zscaler Security Advisories identify and provide security vulnerabilities along with their criticality ratings.</description>

<lastBuildDate>Sat, 17 May 2025 10:58:23 GMT</lastBuildDate>

<docs>https://validator.w3.org/feed/docs/rss2.html</docs>

<generator>RSS 2.0, JSON Feed 1.0, and Atom 1.0 generator for Node.js</generator>

<language>de</language>

<item>

<title>Zscaler protects against 3 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-may-2025</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-may-2025</guid>

<pubDate>Tue, 13 May 2025 23:50:55 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the May 2025 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary.CVE-2025-30388 – Windows Graphics Component Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsMicrosoft Office LTSC for Mac 2024Microsoft Office for UniversalMicrosoft Office for AndroidMicrosoft Office LTSC for Mac 2021CVE-2025-30377 – Microsoft Office Remote Code Execution VulnerabilitySeverity: CriticalSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft Office 2019 for 32-bit editionsMicrosoft Office 2016 (64-bit edition)Microsoft Office 2016 (32-bit edition)Microsoft Office LTSC for Mac 2024Microsoft Office LTSC 2024 for 64-bit editionsMicrosoft Office LTSC 2024 for 32-bit editionsMicrosoft Office for AndroidMicrosoft Office LTSC 2021 for 32-bit editionsMicrosoft Office LTSC 2021 for 64-bit editionsMicrosoft Office LTSC for Mac 2021Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2019 for 64-bit editionsCVE-2025-30386 – Microsoft Office Remote Code Execution VulnerabilitySeverity: CriticalSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft Office 2016 (64-bit edition)Microsoft Office 2016 (32-bit edition)Microsoft Office LTSC for Mac 2024Microsoft Office LTSC 2024 for 64-bit editionsMicrosoft Office LTSC 2024 for 32-bit editionsMicrosoft Office for AndroidMicrosoft Office LTSC 2021 for 32-bit editionsMicrosoft Office LTSC 2021 for 64-bit editionsMicrosoft Office LTSC for Mac 2021Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for 32-bit editions</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-april-2025</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-april-2025</guid>

<pubDate>Tue, 08 Apr 2025 20:25:05 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the April 2025 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary.CVE-2025-27472 – Windows Mark of the Web Security Feature Bypass VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows 10 for x64-based SystemsWindows 10 for 32-bit SystemsCVE-2025-29812 – DirectX Graphics Kernel Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022CVE-2025-29809 – Windows Kerberos Security Feature Bypass VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows 11 Version 23H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2016 (Server Core installation)Windows Server 2016CVE-2025-27482 – Windows Remote Desktop Services Remote Code Execution VulnerabilitySeverity: CriticalSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2025</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 9 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-9-new-vulnerabilities-for-adobe-march-2025</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-9-new-vulnerabilities-for-adobe-march-2025</guid>

<pubDate>Tue, 11 Mar 2025 22:17:09 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 9 vulnerability included in the March 2025 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections, as necessary.APSB25-14 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Affected SoftwareAcrobat DC Continuous 25.001.20428 and earlier versions for Windows & macOSAcrobat Reader DC Continuous 25.001.20428 and earlier versions for Windows & macOSAcrobat 2024 Classic 2024 24.001.30225 and earlier versions for Windows & macOSAcrobat 2020 Classic 2020 20.005.30748 and earlier versions for Windows & macOSAcrobat Reader 2020 Classic 2020 20.005.30748 and earlier versions for Windows & macOSCVE-2025-27174 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27158 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27159 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27160 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27161 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-27162 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat Protection CVE-2025-24431 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: ImportantSubscription RequiredAdvanced Threat Protection CVE-2025-27163 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: ImportantSubscription RequiredAdvanced Threat Protection CVE-2025-27164 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: ImportantSubscription RequiredAdvanced Threat Protection</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-march-2025</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-march-2025</guid>

<pubDate>Tue, 11 Mar 2025 22:10:35 GMT</pubDate>

<description>CVE-2025-24067 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2025-24993 – Windows NTFS Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)CVE-2025-24066 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2025-24985 – Windows Fast FAT File System Driver Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-february-2025</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-february-2025</guid>

<pubDate>Tue, 11 Feb 2025 21:39:14 GMT</pubDate>

<description>CVE-2025-21414 – Windows Core Messaging Elevation of Privileges VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2025-21358 – Windows Core Messaging Elevation of Privileges VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for x64-based SystemsWindows Server 2016 (Server Core installation)Windows 11 Version 24H2 for ARM64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2025-21400 – Microsoft SharePoint Server Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft SharePoint Server Subscription EditionMicrosoft SharePoint Server 2019Microsoft SharePoint Enterprise Server 2016CVE-2025-21184 – Windows Core Messaging Elevation of Privileges VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-january-2025</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-january-2025</guid>

<pubDate>Tue, 14 Jan 2025 21:18:31 GMT</pubDate>

<description>CVE-2025-21354 – Microsoft Excel Remote Code Execution VulnerabilitySeverity: CriticalSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareMicrosoft Office LTSC for Mac 2024Microsoft Office LTSC 2024 for 64-bit editionsMicrosoft Office LTSC 2024 for 32-bit editionsMicrosoft Office LTSC 2021 for 32-bit editionsMicrosoft Office LTSC 2021 for 64-bit editionsMicrosoft Office LTSC for Mac 2021Microsoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for 32-bit editionsOffice Online ServerCVE-2025-21315 – Microsoft Brokering File System Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows Server 2025</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 3 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-december-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-december-2024</guid>

<pubDate>Tue, 10 Dec 2024 21:54:21 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the December 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary.CVE-2024-49138 – Windows Common Log File System Driver Elevation of Privilege VulnerabilitySeverity: ModerateSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-49114 – Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2025 (Server Core installation)Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-49090 – Windows Common Log File System Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2025 (Server Core installation)Windows Server 2025</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 6 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-adobe-december-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-adobe-december-2024</guid>

<pubDate>Tue, 10 Dec 2024 21:48:41 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerability included in the December 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary.APSB24-92 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, memory leak and application denial-of-service. Affected SoftwareAcrobat DC Continuous 24.005.20307 and earlier versions for Windows & macOSAcrobat Reader DC Continuous 24.005.20307 and earlier versions for Windows & macOSAcrobat 2024 Classic 2024 24.001.30213 and earlier versions for Windows & 24.001.30193 and earlier versions for macOSAcrobat 2020 Classic 2020 20.005.30730 and earlier versions for Windows & 20.005.30710 and earlier versions for macOSAcrobat Reader 2020 Classic 2020 20.005.30730 and earlier versions for Windows & 20.005.30710 and earlier versions for macOSCVE-2024-49530 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49531 – NULL Pointer Dereference vulnerability leading to Application denial-of-service. Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49532 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49533 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49534 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-49535 – Improper Restriction of XML External Entity Reference (‘XXE’) vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-november-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-november-2024</guid>

<pubDate>Tue, 12 Nov 2024 22:17:51 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the November 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary.CVE-2024-49033 – Microsoft Edge (Chromium-based) Remote Code Execution VulnerabilitySeverity: ModerateSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft Edge (Chromium-based)CVE-2024-43630 – Windows Kernel Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2025Windows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 10 Version 21H2 for x64-based Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-october-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-october-2024</guid>

<pubDate>Tue, 08 Oct 2024 20:44:27 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the October 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary.CVE-2024-43573 – Windows MSHTML Platform Spoofing VulnerabilitySeverity: ModerateSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows 11 Version 23H2 for x64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows Server 2022Windows 10 Version 22H2 for ARM64-based SystemsWindows Server 2012 R2Windows Server 2016 (Server Core installation)Windows 10 Version 1607 for 32-bit SystemsWindows Server 2012 R2 (Server Core installation)Windows 10 for x64-based SystemsWindows 10 Version 1607 for x64-based SystemsWindows Server 2016Windows 10 for 32-bit SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows 11 Version 24H2 for x64-based SystemsWindows Server 2019 (Server Core installation)Windows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2019Windows 10 Version 21H2 for ARM64-based SystemsWindows Server 2022 (Server Core installation)Windows 10 Version 21H2 for x64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsCVE-2024-43572 – Microsoft Management Console Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-43560 – Microsoft Windows Storage Port Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-43502– Windows Kernel Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 6 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-windows-september-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-for-windows-september-2024</guid>

<pubDate>Tue, 10 Sep 2024 21:49:28 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the September 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary.CVE-2024-38242 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38243 – Kernel Streaming Service Driver Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38244 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38245– Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38237 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019CVE-2024-38238 – Kernel Streaming Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 1 new vulnerability for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-1-new-vulnerabilities-for-adobe-september-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-1-new-vulnerabilities-for-adobe-september-2024</guid>

<pubDate>Tue, 10 Sep 2024 21:38:25 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 1 vulnerability included in the September 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary.APSB24-70 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical vulnerabilities. Successful exploitation could lead to arbitrary code execution. Affected SoftwareAcrobat DC Continuous 24.003.20054 and earlier versions for Windows & 24.002.21005 and earlier for macOSAcrobat Reader DC Continuous 24.003.20054 and earlier versions for Windows & 24.002.21005 and earlier for macOSAcrobat 2024 Classic 2024 24.001.30159 and earlier versions for Windows & macOSAcrobat 2020 Classic 2020 20.005.30655 and earlier versions for Windows & 20.005.30655 and earlier versions for macOSAcrobat Reader 2020 Classic 2020 20.005.30655 and earlier versions for Windows & 20.005.30655 and earlier versions for macOSCVE-2024-41869 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 11 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-11-new-vulnerabilities-for-adobe-august-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-11-new-vulnerabilities-for-adobe-august-2024</guid>

<pubDate>Tue, 13 Aug 2024 21:15:58 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 11 vulnerabilities included in the August 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary.APSB24-57 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation and memory leak. Affected SoftwareAcrobat DC Continuous 24.002.20991 and earlier versions for Windows & 24.002.20964 and earlier for macOSAcrobat Reader DC Continuous 24.002.20991 and earlier versions for Windows & 24.002.20964 and earlier for macOSAcrobat 2024 Classic 2024 24.001.30123 and earlier versions for Windows & macOSAcrobat 2020 Classic 2020 20.005.30636 and earlier versions for Windows & 20.005.30635 and earlier versions for macOSAcrobat Reader 2020 Classic 2020 20.005.30636 and earlier versions for Windows & 20.005.30635 and earlier versions for macOSCVE-2024-39383 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-39422 – Use After Free vulnerability leading to Arbitrary code execution. Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-39423 – Out-of-bounds Write vulnerability leading to Arbitrary code execution.Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-39424 – Use After Free vulnerability leading to Arbitrary code execution.Severity: CriticalSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-39426 – Access of Memory Location After End of Buffer vulnerability leading to Arbitrary code Execution.Severity: CriticalSubscription RequiredAdvanced Threat Protection Advanced Cloud Sandbox CVE-2024-41830 – Use After Free vulnerability leading to Arbitrary code execution.Severity: CriticalSubscription RequiredAdvanced Threat Protection Advanced Cloud Sandbox CVE-2024-41831 – Use After Free vulnerability leading to Arbitrary Code Execution.Severity: CriticalSubscription RequiredAdvanced Threat Protection Advanced Cloud Sandbox CVE-2024-41832 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-41833 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-41834 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox CVE-2024-41835 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscription RequiredAdvanced Threat ProtectionAdvanced Cloud Sandbox</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 8 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-8-new-vulnerabilities-for-windows-august-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-8-new-vulnerabilities-for-windows-august-2024</guid>

<pubDate>Tue, 13 Aug 2024 21:10:27 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 8 vulnerabilities included in the August 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary.CVE-2024-38141 – Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38141Affected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsCVE-2024-38144 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionZscaler Threatname : Win64.Exploit.CVE-2024-38144Affected SoftwareWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38147 – Microsoft DWM Core Library Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionZscaler Threatname : Win64.Exploit.CVE-2024-38147Affected SoftwareWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022CVE-2024-38150– Windows DWM Core Library Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38150Affected SoftwareWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022CVE-2024-38178 – Scripting Engine Memory Corruption VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionZscaler Threatname : HTML.Exploit.CVE-2024-38178Affected SoftwareWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsCVE-2024-38193 – Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38193Affected SoftwareWindows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsCVE-2024-38196 – Windows Common Log File System Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38196Affected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsCVE-2024-38106 – Windows Kernel Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAdvanced Cloud SandboxZscaler Threatname : Win64.Exploit.CVE-2024-38106Affected SoftwareWindows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 11 Version 24H2 for x64-based SystemsWindows 11 Version 24H2 for ARM64-based SystemsWindows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 5 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-july-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-july-2024</guid>

<pubDate>Tue, 09 Jul 2024 19:56:48 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the July 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary.CVE-2024-38021 – Microsoft Office Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft Office 2016 (64-bit edition)Microsoft Office 2016 (32-bit edition)Microsoft Office LTSC 2021 for 32-bit editionsMicrosoft Office LTSC 2021 for 64-bit editionsMicrosoft 365 Apps for Enterprise for 64-bit SystemsMicrosoft 365 Apps for Enterprise for 32-bit SystemsMicrosoft Office 2019 for 64-bit editionsMicrosoft Office 2019 for 32-bit editionsCVE-2024-38052 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsCVE-2024-38054 – Kernel Streaming WOW Thunk Service Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-38059 – Win32k Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022CVE-2024-38085 – Windows Graphics Component Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 5 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-june-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-june-2024</guid>

<pubDate>Wed, 12 Jun 2024 00:16:23 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the June 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary.CVE-2024-30089 – Microsoft Streaming Service Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30084 – Windows Kernel-Mode Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30091 – Win32k Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-35250 – Windows Kernel-Mode Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30080 – Microsoft Message Queuing (MSMQ) Remote Code Execution VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-adobe-may-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-adobe-may-2024</guid>

<pubDate>Tue, 14 May 2024 23:43:09 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the May 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary.APSB24-29 – Security updates available for Adobe Acrobat and Reader.Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software:Acrobat DC Continuous 24.002.20736 and earlier versions for WindowsAcrobat Reader DC Continuous 24.002.20736 and earlier versions for WindowsAcrobat 2020 Classic 2020 20.005.30574 and earlier versions for WindowsAcrobat Reader 2020 Classic 20.005.30574 and earlier versions for WindowsCVE-2024-30284 – Use After Free vulnerability leading to Arbitrary code execution.Severity: CriticalSubscriptions RequiredAdvanced Threat ProtectionCVE-2024-30310 – Out-of-bounds Write vulnerability leading to Arbitrary code execution.Severity: CriticalSubscriptions RequiredAdvanced Threat ProtectionCVE-2024-30311 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: CriticalSubscriptions RequiredAdvanced Threat ProtectionCVE-2024-30312 – Out-of-bounds Read vulnerability leading to Memory leak.Severity: ImportantSubscriptions RequiredAdvanced Threat Protection</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 7 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-windows-may-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-windows-may-2024</guid>

<pubDate>Tue, 14 May 2024 23:18:31 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 7 vulnerabilities included in the May 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary.CVE-2024-29996 – Windows Common Log File System Driver Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30025 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit Systems CVE-2024-30032 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-30034 – Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-30035 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-30037 – Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareSubscriptions RequiredWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-30044 – Microsoft SharePoint Server Remote Code Execution Vulnerability Severity: ImportantSubscriptions RequiredAdvanced Threat ProtectionAffected SoftwareMicrosoft SharePoint Server Subscription EditionMicrosoft SharePoint Server 2019Microsoft SharePoint Enterprise Server 2016</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-april-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-april-2024</guid>

<pubDate>Tue, 09 Apr 2024 23:52:02 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the April 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary.CVE-2024-26212 – DHCP Server Service Denial of Service VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2022 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2 CVE-2024-26209 – Microsoft Local Security Authority Subsystem Service Information Disclosure VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)CVE-2024-26234 – Proxy Driver Spoofing VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-26211 – Windows Remote Access Connection Manager Elevation of Privilege VulnerabilitySeverity: ImportantSubscriptions RequiredAdvanced Cloud SandboxAdvanced Threat ProtectionAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-march-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-march-2024</guid>

<pubDate>Tue, 12 Mar 2024 23:40:56 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the March 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections, as necessary.CVE-2024-21433 – Windows Print Spooler Elevation of Privilege VulnerabilitySeverity: ImportantAffected SoftwareWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-21437 – Windows Graphics Component Elevation of Privilege VulnerabilitySeverity: ImportantAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows Server 2012 (Server Core installation)Windows Server 2012Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2022 (Server Core installation)Windows Server 2022Windows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-26182 – Windows Kernel Elevation of Privilege VulnerabilitySeverity: ImportantAffected SoftwareWindows Server 2016 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 22H2 for x64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows Server 2019 (Server Core installation)Windows Server 2019Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsCVE-2024-26160 – Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability Severity: ImportantAffected SoftwareWindows Server 2022, 23H2 Edition (Server Core installation)Windows 11 Version 23H2 for x64-based SystemsWindows 11 Version 23H2 for ARM64-based SystemsWindows 11 Version 22H2 for x64-based SystemsWindows 11 Version 22H2 for ARM64-based Systems</description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-february-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-february-2024</guid>

<pubDate>Tue, 13 Feb 2024 22:45:10 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the February 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. CVE-2024-21338 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2024-21371 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 13 new vulnerabilities for Adobe Acrobat and Reader.</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-13-new-vulnerabilities-for-adobe-february-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-13-new-vulnerabilities-for-adobe-february-2024</guid>

<pubDate>Tue, 13 Feb 2024 22:42:41 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 13 vulnerabilities included in the February 2024 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. APSB24-07 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software Acrobat DC Continuous 23.008.20470 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.008.20470 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30539 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30539 and earlier versions for Windows & macOS CVE-2024-20726 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20727 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20728 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20729 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Important CVE-2024-20730 – Integer Overflow or Wraparound vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20731 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2024-20733 – Improper Input Validation vulnerability leading to Application denial-of-service. Severity: Important CVE-2024-20734 – Use After Free vulnerability leading to Memory leak. Severity: Important CVE-2024-20735 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2024-20736 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2024-20747 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2024-20748 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2024-20749 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-january-2024</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-january-2024</guid>

<pubDate>Tue, 09 Jan 2024 18:37:58 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the January 2024 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. CVE-2024-21307 – Remote Desktop Client Remote Code Execution Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2024-20698 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2024-21310 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2024-20653 – Microsoft Common Log File System Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-december-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-windows-december-2023</guid>

<pubDate>Tue, 12 Dec 2023 20:32:13 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the December 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary. CVE-2023-35633 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows 10 for x64-based Systems Windows 10 for 32-bit Systems CVE-2023-35644 – Windows Sysmain Service Elevation of Privilege Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64based Systems Windows 11 Version 23H2 for ARM64based Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-36005 – Windows Telephony Server Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64based Systems Windows 11 Version 23H2 for ARM64based Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-36391 – Local Security Authority Subsystem Service Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 Version 23H2 for x64based Systems Windows 11 Version 23H2 for ARM64based Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 17 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-17-new-vulnerabilities-for-adobe-november-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-17-new-vulnerabilities-for-adobe-november-2023</guid>

<pubDate>Wed, 15 Nov 2023 01:17:42 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 17 vulnerabilities included in the November 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary. APSB23-54 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software Acrobat DC Continuous 23.006.20380 (Win), 23.006.20380 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.006.20380 (Win), 23.006.20380 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30539 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30539 and earlier versions for Windows & macOS CVE-2023-44336 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44337 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44338 – Out-of-bounds Read vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44359 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44365 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44366 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44367 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44371 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44372 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-44339 – Out-of-bounds Read leading to Memory leak. Severity: Important CVE-2023-44340 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44348 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44356 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44357– Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44358 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44360 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-44361 – Use After Free vulnerability leading to Memory leak. Severity: Moderate </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 6 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-windows-november-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-windows-november-2023</guid>

<pubDate>Wed, 15 Nov 2023 01:12:46 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the November 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary. CVE-2023-36033 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 23H2 for ARM64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36036 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36394 – Windows Search Service Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36399 – Windows Storage Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 11 Version 23H2 for ARM64-based Systems Windows 11 Version 23H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2022, 23H2 Edition (Server Core installation) CVE-2023-36424 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems CVE-2023-36017 – Windows Scripting Engine Memory Corruption Vulnerability Severity: Important Affected Software Windows 11 Version 23H2 for x64-based Systems Windows Server 2022, 23H2 Edition (Server Core installation) Windows 11 Version 23H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 7 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-windows-october-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-windows-october-2023</guid>

<pubDate>Wed, 11 Oct 2023 00:08:59 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 7 vulnerabilities included in the October 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary CVE-2023-38159 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36776 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-41772 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36743 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36594 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36713 – Windows Common Log File System Driver Information Disclosure Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36731 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 1 new vulnerability for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-1-new-vulnerability-for-adobe-september-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-1-new-vulnerability-for-adobe-september-2023</guid>

<pubDate>Tue, 12 Sep 2023 23:46:21 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 1 vulnerability included in the September 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. APSB23-34 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution. Affected Software Acrobat DC Continuous 23.003.20284 (Win), 23.003.20284 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.003.20244 (Win), 23.003.20284 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30516 (Mac), 20.005.30514 (Win) and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 2020 20.005.30516 (Mac), 20.005.30514 (Win) and earlier versions for Windows & macOS CVE-2023-26369 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 3 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-windows-september-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-windows-september-2023</guid>

<pubDate>Tue, 12 Sep 2023 23:43:07 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the September 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. CVE-2023-38144 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-36802 – Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-38143 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 26 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-26-new-vulnerabilities-for-adobe-august-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-26-new-vulnerabilities-for-adobe-august-2023</guid>

<pubDate>Wed, 09 Aug 2023 07:01:45 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 26 vulnerabilities included in the August 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. APSB23-30 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software Acrobat DC Continuous 23.003.20244 (Win), 23.003.20244 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.003.20244 (Win), 23.003.20244 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30467 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30467 and earlier versions for Windows & macOS CVE-2023-38235 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Critical CVE-2023-38236 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38237 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38238 – Use After Free vulnerability leading to Memory leak. Severity: Moderate CVE-2023-38240 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38239 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38241 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38234 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38242 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38233 – Out-of-bounds write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38244 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-38247 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-38248 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Moderate CVE-2023-38232 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Critical CVE-2023-38231 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38230 – Use After Free vulnerability leading to Memory Leak. Severity: Critical CVE-2023-38229 – Out-of-bounds Read vulnerability leading to Memory Leak. Severity: Critical CVE-2023-29303 – Use After Free vulnerability leading to Memory leak. Severity: Important CVE-2023-38222 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38228 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38227 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38226 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38225 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38224 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38246 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-38223 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution. Severity: Critical </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-august-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-august-2023</guid>

<pubDate>Wed, 09 Aug 2023 06:56:29 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the August 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. CVE-2023-35384 – Windows HTML Platforms Security Feature Bypass Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-36900 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-july-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-windows-july-2023</guid>

<pubDate>Tue, 11 Jul 2023 18:56:41 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the July 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary. CVE-2023-33157 – Microsoft SharePoint Remote Code Execution Vulnerability Severity: Critical Affected Software Microsoft SharePoint Server Subscription Edition Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2016 CVE-2023-35311 – Microsoft Outlook Security Feature Bypass Vulnerability Severity: Important Affected Software Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft Office LTSC 2021 for 32-bit editions Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Outlook 2013 RT Service Pack 1 Microsoft Outlook 2013 (64-bit editions) Microsoft Outlook 2013 (32-bit editions) Microsoft Outlook 2016 (64-bit edition) Microsoft Office 2019 for 64-bit editions Microsoft Outlook 2016 (32-bit edition) Microsoft Office 2019 for 32-bit editions Microsoft Office LTSC 2021 for 64-bit editions </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 6 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-windows-june-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-6-new-vulnerabilities-windows-june-2023</guid>

<pubDate>Tue, 13 Jun 2023 22:15:00 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 6 vulnerabilities included in the June 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary. CVE-2023-29360 – Windows TPM Device Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 CVE-2023-29358 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems CVE-2023-29357 – Microsoft SharePoint Server Elevation of Privilege Vulnerability Severity: Critical Affected Software Microsoft SharePoint Server 2019 CVE-2023-28310 – Microsoft Exchange Server Remote Code Execution Vulnerability Severity: Important Affected Software Microsoft Exchange Server 2019 Cumulative Update 13 Microsoft Exchange Server 2019 Cumulative Update 12 Microsoft Exchange Server 2016 Cumulative Update 23 CVE-2023-29361 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 CVE-2023-29371 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 14 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-14-new-vulnerabilities-for-adobe-april-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-14-new-vulnerabilities-for-adobe-april-2023</guid>

<pubDate>Tue, 11 Apr 2023 22:58:30 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 14 vulnerabilities included in the April 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary. APSB23-24 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution, privilege escalation, security feature bypass and memory leak. Affected Software Acrobat DC Continuous 23.001.200932 (Win), 23.001.200932 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 23.001.200932 (Win), 23.001.200932 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30441 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30441 and earlier versions for Windows & macOS CVE-2023-26420 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26419 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26418 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26417 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26395 – Out-of-bounds Write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26421 – Integer Underflow vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26422 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26423 – Use after free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26424 – Use After Free vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26425 – Out-of-bounds write vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26397 – Out-of-bounds Read vulnerability leading to Memory leak. Severity: Important CVE-2023-26405 – Improper Input validation vulnerability leading to Arbitrary code execution. Severity: Critical CVE-2023-26406 – Improper Access Control leading to Security Feature Bypass Severity: Critical CVE-2023-26408 – Improper Access Control vulnerability leading to Security Feature bypass. Severity: Important </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 5 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-april-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-april-2023</guid>

<pubDate>Tue, 11 Apr 2023 22:45:59 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the April 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the April release and deploy additional protections, as necessary. CVE-2023-28274 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-28285 – Windows Graphics Component Remote Code Execution Vulnerability Severity: Important Affected Software Microsoft Office LTSC for Mac 2021 Microsoft 365 Apps for Enterprise for 64-bit Systems Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft Office 2019 for Mac CVE-2023-24912 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-28218 – Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2023-28220 – Layer 2 Tunneling Protocol Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-march-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-march-2023</guid>

<pubDate>Tue, 14 Mar 2023 22:22:52 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the March 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the March release and deploy additional protections, as necessary. CVE-2023-24880 – Windows SmartScreen Security Feature Bypass Vulnerability Severity: Moderate Affected Software Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems CVE-2023-23410 – Windows HTTP.sys Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-february-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-february-2023</guid>

<pubDate>Wed, 15 Feb 2023 00:01:32 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the February 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the February release and deploy additional protections, as necessary. CVE-2023-23376 – Windows Common Log File System Driver Elevation of Privilege Vulnerability. Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-21823 – Windows Graphics Component Remote Code Execution Vulnerability Severity: Important Affected Software Windows Microsoft Office for Android Microsoft Office for iOS Microsoft Office for Universal Windows 10 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 22H2 for 32-bit Systems Windows 10 Version 22H2 for ARM64-based Systems Windows 10 Version 22H2 for x64-based Systems Windows 11 version 21H2 for ARM64-based Systems Windows 11 version 21H2 for x64-based Systems Windows 11 Version 22H2 for ARM64-based Systems Windows 11 Version 22H2 for x64-based Systems Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2012 Windows Server 2012 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 R2 (Server Core installation) Windows Server 2016 Windows Server 2016 (Server Core installation) Windows Server 2019 Windows Server 2019 (Server Core installation) Windows Server 2022 Windows Server 2022 (Server Core installation) </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 15 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-15-new-vulnerabilities-for-adobe-january-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-15-new-vulnerabilities-for-adobe-january-2023</guid>

<pubDate>Wed, 11 Jan 2023 01:11:39 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 15 vulnerabilities included in the January 2023 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. APSB23-01 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to denial-of-service, arbitrary code execution, privilege escalation and memory leak. Affected Software Acrobat DC Continuous 22.003.20282 (Win), 22.003.20281 (Mac) and earlier versions for Windows & macOS Acrobat Reader DC Continuous 22.003.20282 (Win), 22.003.20281 (Mac) and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30418 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30418 and earlier versions for Windows & macOS CVE-2023-21579 – Integer Overflow or Wraparound vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21581 – Out-of-bounds Read vulnerability leading to memory leak Severity: Important CVE-2023-21585 – Out-of-bounds Read vulnerability leading to memory leak Severity: Important CVE-2023-21586 – NULL Pointer Dereference vulnerability leading to Application denial of service Severity: Important CVE-2023-21604 – Stack-based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21605 – Heap-based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21606 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21607 – Improper Input Validation vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21608 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21609 – Out-of-bounds write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21610 – Stack-based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2023-21611 – Violation of Secure Design Principles leading to Privilege escalation Severity: Important CVE-2023-21612 – Violation of Secure Design Principles leading to Privilege escalation Severity: Important CVE-2023-21613 – Out-of-bounds Read vulnerability leading to memory leak Severity: Important CVE-2022-35691 – Out-of-bounds Read vulnerability leading to memory leak Severity: Important </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-january-2023</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-january-2023</guid>

<pubDate>Wed, 11 Jan 2023 01:04:41 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the January 2023 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the January release and deploy additional protections, as necessary. CVE-2023-21674 – Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Severity: Important Affected Software Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2023-21552 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 version 21H2 for ARM64based Systems Windows 11 version 21H2 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-december-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-december-2022</guid>

<pubDate>Tue, 13 Dec 2022 20:44:07 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the December 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the December release and deploy additional protections, as necessary. CVE-2022-44675 – Windows Bluetooth Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Datacenter: Azure Edition Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-44698 – Windows Win32k Elevation of Privilege Vulnerability Severity: Moderate Affected Software Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Datacenter: Azure Edition Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 3 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-november-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-november-2022</guid>

<pubDate>Tue, 08 Nov 2022 23:59:49 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the November 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the November release and deploy additional protections, as necessary. CVE-2022-41113 – Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Datacenter: Azure Edition (Hotpatch) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-41109 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Datacenter: Azure Edition (Hotpatch) Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems CVE-2022-41096 – Microsoft DWM Core Library Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 22H2 for 32bit Systems Windows 10 Version 22H2 for ARM64based Systems Windows 10 Version 22H2 for x64based Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 5 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-adobe-october-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-adobe-october-2022</guid>

<pubDate>Tue, 11 Oct 2022 23:34:00 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 5 vulnerabilities included in the October 2022 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary. APSB22-46 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address critical and important vulnerabilities. Successful exploitation could lead to application denial-of-service and memory leak. Affected Software Acrobat DC Continuous 22.002.20212 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 22.002.20212 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30381 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30381 and earlier versions for Windows & macOS CVE-2022-35691 – NULL Pointer Dereference vulnerability leading to Application denial-of-service Severity: Important CVE-2022-38437 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-38449 – Out-of-bounds Read vulnerability leading to Memory leak Severity: Important CVE-2022-38450 – Stack-Based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-42339 – Stack-Based Buffer Overflow vulnerability leading to Arbitrary code execution Severity: Critical </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 5 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-october-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-october-2022</guid>

<pubDate>Tue, 11 Oct 2022 23:29:38 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the October 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the October release and deploy additional protections, as necessary. CVE-2022-38051 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-37970 – Windows DWM Core Library Elevation of Privilege Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Affected Software Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-38050 – Win32k Elevation of Privilege Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Affected Software Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-37989 – Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Advanced Cloud Sandbox Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 11 Version 22H2 for x64based Systems Windows 11 Version 22H2 for ARM64based Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-38053 – Microsoft SharePoint Server Remote Code Execution Vulnerability Severity: Important Subscriptions Required Advanced Threat Protection Affected Software Windows Microsoft SharePoint Foundation 2013 Service Pack 1 Microsoft SharePoint Server Subscription Edition Microsoft SharePoint Server 2019 Microsoft SharePoint Enterprise Server 2013 Service Pack 1 Microsoft SharePoint Enterprise Server 2016 </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 3 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-september-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-3-new-vulnerabilities-for-windows-september-2022</guid>

<pubDate>Tue, 13 Sep 2022 19:20:18 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 3 vulnerabilities included in the September 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the September release and deploy additional protections, as necessary. CVE-2022-35803 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows RT 8.1 Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2016 Windows 10 Version 1607 for 32bit Systems Windows Server 2012 (Server Core installation) Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2012 R2 (Server Core installation) Windows 10 for 32bit Systems Windows 7 for x64based Systems Service Pack 1 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2019 Windows 10 Version 1607 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows 10 Version 1809 for x64based Systems Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows 7 for 32bit Systems Service Pack 1 Windows 10 Version 1809 for 32bit Systems Windows 10 for x64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows 10 Version 21H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows 10 Version 20H2 for ARM64based Systems Windows 11 for ARM64based Systems Windows Server 2022 Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 1809 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 21H1 for 32bit Systems Windows Server 2022 Azure Edition Core Hotpatch Windows 10 Version 21H1 for x64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 10 Version 21H2 for ARM64based Systems CVE-2022-37957 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-34729 – Windows GDI Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 7 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-adobe-august-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-7-new-vulnerabilities-for-adobe-august-2022</guid>

<pubDate>Wed, 10 Aug 2022 06:03:42 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 7 vulnerabilities included in the August 2022 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. APSB22-39 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Affected Software Acrobat DC Continuous 22.001.20169 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 22.001.20169 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30362 and earlier versions for Windows & macOS Acrobat Reader 2020 Classic 20.005.30362 and earlier versions for Windows & macOS Acrobat 2017 Classic 2017 17.012.30249 and earlier versions for Windows & macOS Acrobat Reader 2017 Classic 2017 17.012.30249 and earlier versions for Windows & macOS CVE-2022-35665 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-35666 – Improper Input Validation vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-35667 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-35668 – Improper Input Validation vulnerability leading to Memory leak Severity: Important CVE-2022-35670 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-35671 – Out-of-bounds read vulnerability leading to Memory leak Severity: Important CVE-2022-35678 – Out-of-bounds read vulnerability leading to Memory leak Severity: Important </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 5 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-august-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-5-new-vulnerabilities-for-windows-august-2022</guid>

<pubDate>Wed, 10 Aug 2022 05:58:52 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 5 vulnerabilities included in the August 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the August release and deploy additional protections, as necessary. CVE-2022-35793 – Windows Print Spooler Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems CVE-2022-35750 – Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-34713 – Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-35755 – Windows Print Spooler Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-34699 – Windows Win32k Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 20 new vulnerabilities for Adobe Acrobat and Reader</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-20-new-vulnerabilities-for-adobe-july-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-20-new-vulnerabilities-for-adobe-july-2022</guid>

<pubDate>Tue, 12 Jul 2022 23:04:46 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protections for the following 20 vulnerabilities included in the July 2021 Adobe security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary. APSB22-32 – Security updates available for Adobe Acrobat and Reader. Adobe has released security updates for Adobe Acrobat and Reader for Windows and macOS. These updates address multiple critical and important vulnerabilities. Successful exploitation could lead to arbitrary code execution and memory leak. Affected Software Acrobat DC Continuous 22.001.20142 and earlier versions for Windows & macOS Acrobat Reader DC Continuous 22.001.20142 and earlier versions for Windows & macOS Acrobat 2020 Classic 2020 20.005.30334 and earlier versions for Windows & 20.005.30331 for macOS Acrobat Reader 2020 Classic 20.005.30334 and earlier versions for Windows & 20.005.30331 for macOS Acrobat 2017 Classic 2017 17.012.30229 and earlier versions for Windows & 17.012.30227 for macOS Acrobat Reader 2017 Classic 2017 17.012.30229 and earlier versions for Windows & 17.012.30227 for macOS CVE-2022-34230 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34229 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34228 – Access of Uninitialized Pointer vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34227 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34226 – Out-of-bounds Read vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34225 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34224 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34223 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34222 – Out-of-bounds Read vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34237 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-34239 – Out-of-bounds Read vulnerability leading to Memory leak Severity: Important CVE-2022-34236 – Out-of-bounds Read vulnerability leading to Memory leak Severity: Important CVE-2022-34221 – Access of Resource Using Incompatible Type ('Type Confusion') vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34234 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-34220 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34219 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34217 – Out-of-bounds Write vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34216 – Use After Free vulnerability leading to Arbitrary code execution Severity: Critical CVE-2022-34233 – Use After Free vulnerability leading to Memory leak Severity: Important CVE-2022-34215 – Out-of-bounds Read vulnerability leading to Arbitrary code execution Severity: Critical </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-july-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-july-2022</guid>

<pubDate>Tue, 12 Jul 2022 22:57:27 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the July 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the July release and deploy additional protections, as necessary. CVE-2022-22047 – Windows CSRSS Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-30220 – Windows Common Log File System Driver Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-22034 – Windows Graphics Component Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-30202 – Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 2 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-june-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-2-new-vulnerabilities-for-windows-june-2022</guid>

<pubDate>Wed, 15 Jun 2022 00:46:12 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 2 vulnerabilities included in the June 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the June release and deploy additional protections, as necessary. CVE-2022-30147 – Windows Installer Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems CVE-2022-30160 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64based Systems Service Pack 1 Windows Server 2008 for x64based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64based Systems Service Pack 2 Windows Server 2008 for 32bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64based systems Windows 8.1 for 32bit systems Windows 7 for x64based Systems Service Pack 1 Windows 7 for 32bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64based Systems Windows 10 Version 1607 for 32bit Systems Windows 10 for x64based Systems Windows 10 for 32bit Systems Windows 10 Version 21H2 for x64based Systems Windows 10 Version 21H2 for ARM64based Systems Windows 10 Version 21H2 for 32bit Systems Windows 11 for ARM64based Systems Windows 11 for x64based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64based Systems Windows 10 Version 20H2 for 32bit Systems Windows 10 Version 20H2 for x64based Systems Windows Server 2022 Azure Edition Core Hotpatch Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32bit Systems Windows 10 Version 21H1 for ARM64based Systems Windows 10 Version 21H1 for x64based Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64based Systems Windows 10 Version 1809 for x64based Systems Windows 10 Version 1809 for 32bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

<item>

<title>Zscaler protects against 4 new vulnerabilities for Windows</title>

<link>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-may-2022</link>

<guid>https://www.zscaler.com/de/security-advisories/zscaler-protects-against-4-new-vulnerabilities-for-windows-may-2022</guid>

<pubDate>Tue, 10 May 2022 22:56:37 GMT</pubDate>

<description>Zscaler, working with Microsoft through their MAPP program, has proactively deployed protection for the following 4 vulnerabilities included in the May 2022 Microsoft security bulletins. Zscaler will continue to monitor exploits associated with all vulnerabilities in the May release and deploy additional protections, as necessary. CVE-2022-29104 – Windows Print Spooler Elevation of Privilege Vulnerability Severity: Important Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems CVE-2022-29142 – Windows Kernel Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems CVE-2022-23279 – Windows ALPC Elevation of Privilege Vulnerability Severity: Important Affected Software Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems CVE-2022-23270 – Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability Severity: Critical Affected Software Windows Server 2012 R2 (Server Core installation) Windows Server 2012 R2 Windows Server 2012 (Server Core installation) Windows Server 2012 Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation) Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation) Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation) Windows Server 2008 for 32-bit Systems Service Pack 2 Windows RT 8.1 Windows 8.1 for x64-based systems Windows 8.1 for 32-bit systems Windows 7 for x64-based Systems Service Pack 1 Windows 7 for 32-bit Systems Service Pack 1 Windows Server 2016 (Server Core installation) Windows Server 2016 Windows 10 Version 1607 for x64-based Systems Windows 10 Version 1607 for 32-bit Systems Windows 10 for x64-based Systems Windows 10 for 32-bit Systems Windows 10 Version 21H2 for x64-based Systems Windows 10 Version 21H2 for ARM64-based Systems Windows 10 Version 21H2 for 32-bit Systems Windows 11 for ARM64-based Systems Windows 11 for x64-based Systems Windows Server, version 20H2 (Server Core Installation) Windows 10 Version 20H2 for ARM64-based Systems Windows 10 Version 20H2 for 32-bit Systems Windows 10 Version 20H2 for x64-based Systems Windows Server 2022 (Server Core installation) Windows Server 2022 Windows 10 Version 21H1 for 32-bit Systems Windows 10 Version 21H1 for ARM64-based Systems Windows 10 Version 21H1 for x64-based Systems Windows 10 Version 1909 for ARM64-based Systems Windows 10 Version 1909 for x64-based Systems Windows 10 Version 1909 for 32-bit Systems Windows Server 2019 (Server Core installation) Windows Server 2019 Windows 10 Version 1809 for ARM64-based Systems Windows 10 Version 1809 for x64-based Systems Windows 10 Version 1809 for 32-bit Systems </description>

<author>mapp-release@zscaler.com (mapp-release@zscaler.com)</author>

...

</item>

...

</channel>

...

</rss>