Win11 KB5035853 addresses 60 security vulnerabilities

Microsoft released security update KB5035853 for Windows 11 versions 22H2 and 23H2 on March 12, 2024.

This security update includes update KB5034848.

KB5035853 addresses 60 vulnerabilities based on CVE numbers and is a very important security update for your system, so we recommend installing it.

1. CVE-2024-26165 (Visual Studio Code Elevation of Privilege Vulnerability)
2. CVE-2024-26204 (Information Disclosure Vulnerability in Outlook for Android)
3. CVE-2023-28746 (Intel: CVE-2023-28746 Register File Data Sampling (RFDS))
4. CVE-2024-26185 (Windows Compressed Folder Tampering Vulnerability)
5. CVE-2024-26182 (Windows Kernel Elevation of Privilege Vulnerability)
6. CVE-2024-26181 (Windows kernel denial of service vulnerability)
7. CVE-2024-26178 (Windows Kernel Elevation of Privilege Vulnerability)
8. CVE-2024-26177 (Windows kernel information disclosure vulnerability)
9. CVE-2024-26176 (Windows Kernel Elevation of Privilege Vulnerability)
10. CVE-2024-26174 (Windows kernel information disclosure vulnerability)
11. CVE-2024-26173 (Windows Kernel Elevation of Privilege Vulnerability)
12. CVE-2024-26170 (Windows Composite Image File System (CimFS) Elevation of Privilege Vulnerability)
13. CVE-2024-26169 (Windows Error Reporting Service Elevation of Privilege Vulnerability)
14. CVE-2024-26166 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability)
15. CVE-2024-26162 (Microsoft ODBC Driver Remote Code Execution Vulnerability)
16. CVE-2024-26160 (Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerability)
17. CVE-2024-21448 (Microsoft Teams for Android Information Disclosure Vulnerability)
18. CVE-2024-21440 (Microsoft ODBC Driver Remote Code Execution Vulnerability)
19. CVE-2024-21437 (Windows Graphics Component Elevation of Privilege Vulnerability)
20. CVE-2024-21436 (Windows Installer Elevation of Privilege Vulnerability)
21. CVE-2024-21435 (Windows OLE Remote Code Execution Vulnerability)
22. CVE-2024-21434 (Microsoft Windows SCSI Class System File Elevation of Privilege Vulnerability)
23. CVE-2024-21433 (Windows Print Spooler Elevation of Privilege Vulnerability)
24. CVE-2024-21432 (Windows Update stack elevation of privilege vulnerability)
25. CVE-2024-21431 (Hypervisor-Protected Code Integrity (HVCI) security feature bypass vulnerability)
26. CVE-2024-21427 (Windows Kerberos security feature bypass vulnerability)
27. CVE-2024-21419 (Cross-site scripting vulnerability in Microsoft Dynamics 365 (on-premises))
28. CVE-2024-21408 (Windows Hyper-V Denial of Service Vulnerability)
29. CVE-2024-21407 (Windows Hyper-V Remote Code Execution Vulnerability)
30. CVE-2024-21400 (Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability)
31. CVE-2024-21390 (Microsoft Authenticator Elevation of Privilege Vulnerability)
32. CVE-2024-21334 (Open Management Infrastructure (OMI) remote code execution vulnerability)
33. CVE-2024-21330 (Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability)
34. CVE-2024-26164 (Microsoft Django Backend for SQL Server Remote Code Execution Vulnerability)
35. CVE-2024-26161 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability)
36. CVE-2024-26203 (Azure Data Studio Elevation of Privilege Vulnerability)
37. CVE-2024-26201 (Microsoft Intune Linux Agent Elevation of Privilege Vulnerability)
38. CVE-2024-26199 (Microsoft Office Elevation of Privilege Vulnerability)
39. CVE-2024-26198 (Microsoft Exchange Server Remote Code Execution Vulnerability)
40. CVE-2024-26190 (Microsoft QUIC Denial of Service Vulnerability)
41. CVE-2024-26159 (Microsoft ODBC Driver Remote Code Execution Vulnerability)
42. CVE-2024-26197 (Denial of Service Vulnerability in Windows Standards-Based Storage Management Service)
43. CVE-2024-21451 (Microsoft ODBC Driver Remote Code Execution Vulnerability)
44. CVE-2024-21450 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability)
45. CVE-2024-21446 (NTFS Elevation of Privilege Vulnerability)
46. CVE-2024-21445 (Windows USB Print Driver Elevation of Privilege Vulnerability)
47. CVE-2024-21444 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability)
48. CVE-2024-21443 (Windows Kernel Elevation of Privilege Vulnerability)
49. CVE-2024-21442 (Windows USB Print Driver Elevation of Privilege Vulnerability)
50. CVE-2024-21441 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vulnerability)
51. CVE-2024-21439 (Windows Telephony Server Elevation of Privilege Vulnerability)
52. CVE-2024-21438 (Denial of Service Vulnerability in Microsoft AllJoyn API)
53. CVE-2024-21430 (Windows USB Attached SCSI (UAS) Protocol Remote Code Execution Vulnerability)
54. CVE-2024-21429 (Windows USB Hub Driver Remote Code Execution Vulnerability)
55. CVE-2024-21426 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
56. CVE-2024-21421 (Azure SDK spoofing vulnerability)
57. CVE-2024-21418 (Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability)
58. CVE-2024-21411 (Skype for Consumer remote code execution vulnerability)
59. CVE-2024-21392 (Denial of Service Vulnerability in .NET and Visual Studio)
60. CVE-2024-20671 (Microsoft Defender security feature bypass vulnerability)

https://msrc.microsoft.com/update-guide/vulnerability (Security Update Guide – Vulnerabilities)

CVE-2024-20671 (Microsoft Defender Security Feature Bypass Vulnerability) has already been resolved in the Microsoft Defender Antivirus antimalware platform update – KB4052623 (version 4.18.24010.12) – Current Channel (Broad), released on February 27, 2024.

Additionally, KB5035853 resolves a known issue that prevented the February 2024 non-security updates from being installed.

Reasons why Win11 KB5034765 cannot be installed and how to fix it

2024 / 03 / 15:

Win11 KB5035853 taskbar becomes transparent issue