Description
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code, obtain sensitive information.
Below is a complete list of vulnerabilities:
- A denial of service vulnerability in Windows Local Security Authority (LSA) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Windows Defender Credential Guard can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Storage Spaces Direct can be exploited remotely to gain privileges.
- A security vulnerability in Windows can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Partition Management Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows WebBrowser Control can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Point-to-Point Protocol (PPP) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) can be exploited remotely to execute arbitrary code.
- A security feature bypass vulnerability in Windows Defender Credential Guard can be exploited remotely to bypass security restrictions.
- An information disclosure vulnerability in Windows Defender Credential Guard can be exploited remotely to obtain sensitive information.
- A denial of service vulnerability in Windows Point-to-Point Protocol (PPP) can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in SMB Client and Server can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
- An elevation of privilege vulnerability in Windows Error Reporting Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Microsoft ATA Port Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Bluetooth Service can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Fax Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
- A denial of service vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) can be exploited remotely to cause denial of service.
- An elevation of privilege vulnerability in Active Directory Domain Services can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Bluetooth Driver can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Local Security Authority (LSA) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Unified Write Filter can be exploited remotely to gain privileges.
- A denial of service vulnerability in HTTP.sys can be exploited remotely to cause denial of service.
- An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows Hello can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
Original advisories
- CVE-2022-34705
- CVE-2022-35765
- CVE-2022-34303
- CVE-2022-35763
- CVE-2022-34703
- CVE-2022-35751
- CVE-2022-34707
- CVE-2022-30194
- CVE-2022-35771
- CVE-2022-35744
- CVE-2022-34714
- CVE-2022-34301
- CVE-2022-35794
- CVE-2022-35766
- CVE-2022-34709
- CVE-2022-34704
- CVE-2022-35767
- CVE-2022-35769
- CVE-2022-35804
- CVE-2022-30197
- CVE-2022-35795
- CVE-2022-35760
- CVE-2022-35793
- CVE-2022-35747
- CVE-2022-35743
- CVE-2022-35764
- CVE-2022-30144
- CVE-2022-35761
- CVE-2022-35762
- CVE-2022-34702
- CVE-2022-35757
- CVE-2022-34690
- CVE-2022-35745
- CVE-2022-35750
- CVE-2022-34708
- CVE-2022-35792
- CVE-2022-35753
- CVE-2022-34712
- CVE-2022-34701
- CVE-2022-34691
- CVE-2022-34302
- CVE-2022-35746
- CVE-2022-34713
- CVE-2022-35820
- CVE-2022-34696
- CVE-2022-33670
- CVE-2022-34706
- CVE-2022-34699
- CVE-2022-35754
- CVE-2022-35748
- CVE-2022-30133
- CVE-2022-35758
- CVE-2022-35755
- CVE-2022-35797
- CVE-2022-35749
- CVE-2022-35768
- CVE-2022-35752
- CVE-2022-34715
- CVE-2022-34710
- CVE-2022-35756
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Windows-RT
- Microsoft-Windows-10
- Microsoft-Windows-Server-2016
- Microsoft-Windows-Server-2019
- Microsoft-Windows-11
CVE list
- CVE-2022-35759 high
- CVE-2022-34705 critical
- CVE-2022-35765 critical
- CVE-2022-34303 high
- CVE-2022-35763 critical
- CVE-2022-34703 critical
- CVE-2022-35751 critical
- CVE-2022-34707 critical
- CVE-2022-30194 critical
- CVE-2022-35771 critical
- CVE-2022-35744 critical
- CVE-2022-34714 critical
- CVE-2022-34301 high
- CVE-2022-35794 critical
- CVE-2022-35766 critical
- CVE-2022-34709 high
- CVE-2022-34704 warning
- CVE-2022-35767 critical
- CVE-2022-35769 critical
- CVE-2022-35804 critical
- CVE-2022-30197 high
- CVE-2022-35795 critical
- CVE-2022-35760 critical
- CVE-2022-35793 high
- CVE-2022-35747 high
- CVE-2022-35743 critical
- CVE-2022-35764 critical
- CVE-2022-30144 critical
- CVE-2022-35761 critical
- CVE-2022-35762 critical
- CVE-2022-34702 critical
- CVE-2022-35757 high
- CVE-2022-34690 high
- CVE-2022-35745 critical
- CVE-2022-35750 critical
- CVE-2022-34708 high
- CVE-2022-35792 critical
- CVE-2022-35753 critical
- CVE-2022-34712 high
- CVE-2022-34701 critical
- CVE-2022-34691 critical
- CVE-2022-34302 high
- CVE-2022-35746 critical
- CVE-2022-34713 critical
- CVE-2022-35820 critical
- CVE-2022-34696 critical
- CVE-2022-33670 critical
- CVE-2022-34706 critical
- CVE-2022-34699 critical
- CVE-2022-35754 high
- CVE-2022-35748 critical
- CVE-2022-30133 critical
- CVE-2022-35758 high
- CVE-2022-35755 high
- CVE-2022-35797 high
- CVE-2022-35749 critical
- CVE-2022-35768 critical
- CVE-2022-35752 critical
- CVE-2022-34715 critical
- CVE-2022-34710 high
- CVE-2022-35756 critical
KB list
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!