KLA20045
Multiple vulnerabilities in Microsoft Products (ESU)

Updated: 09/29/2023
Detect date: 11/08/2022
Severity: Critical
Description

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, or obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
  2. An elevation of privilege vulnerability in Windows Kerberos RC4-HMAC can be exploited remotely to gain privileges.
  3. A denial of service vulnerability in Windows Point-to-Point Tunneling Protocol can be exploited remotely to cause denial of service.
  4. An elevation of privilege vulnerability in Windows Advanced Local Procedure Call (ALPC) can be exploited remotely to gain privileges.
  5. A remote code execution vulnerability in Windows Scripting Languages can be exploited remotely to execute arbitrary code.
  6. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
  7. An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
  8. A denial of service vulnerability in Windows Kerberos can be exploited remotely to cause denial of service.
  9. An information disclosure vulnerability in Network Policy Server (NPS) RADIUS Protocol can be exploited remotely to obtain sensitive information.
  10. An information disclosure vulnerability can be exploited remotely to obtain sensitive information.
  11. A remote code execution vulnerability in Windows Point-to-Point Tunneling Protocol can be exploited remotely to execute arbitrary code.
  12. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
  13. An elevation of privilege vulnerability in Windows Group Policy can be exploited remotely to gain privileges.
  14. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
  16. A denial of service vulnerability in Network Policy Server (NPS) RADIUS Protocol can be exploited remotely to cause denial of service.
  17. An elevation of privilege vulnerability in Netlogon RPC can be exploited remotely to gain privileges.
  18. An elevation of privilege vulnerability in Windows HTTP.sys can be exploited remotely to gain privileges.
  19. An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges.
Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Affected products

Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Original advisories

CVE-2022-41058
CVE-2022-37966
CVE-2022-41090
CVE-2022-41045
CVE-2022-41118
CVE-2022-41048
CVE-2022-41098
CVE-2022-41053
CVE-2022-41116
CVE-2022-41097
CVE-2022-23824
CVE-2022-41044
CVE-2022-41073
CVE-2022-41047
CVE-2022-41086
CVE-2022-37967
CVE-2022-41128
CVE-2022-37992
CVE-2022-41109
CVE-2022-41056
CVE-2022-38023
CVE-2022-41039
CVE-2022-41057
CVE-2022-41095

Impacts
ACE
OSI
DoS
PE
Related products
Microsoft Windows
Microsoft Windows Server
Microsoft Windows 7
Microsoft Windows Server 2008
CVE-IDS
CVE-2022-41058 5.0 Warning
CVE-2022-37966 5.0 Warning
CVE-2022-41090 5.0 Warning
CVE-2022-41045 5.0 Warning
CVE-2022-41118 5.0 Warning
CVE-2022-41048 5.0 Warning
CVE-2022-41098 5.0 Warning
CVE-2022-41053 5.0 Warning
CVE-2022-41116 5.0 Warning
CVE-2022-41097 5.0 Warning
CVE-2022-23824 5.0 Warning
CVE-2022-41044 5.0 Warning
CVE-2022-41073 5.0 Warning
CVE-2022-41047 5.0 Warning
CVE-2022-41086 5.0 Warning
CVE-2022-37967 5.0 Warning
CVE-2022-41128 5.0 Warning
CVE-2022-37992 5.0 Warning
CVE-2022-41109 5.0 Warning
CVE-2022-41056 5.0 Warning
CVE-2022-38023 5.0 Warning
CVE-2022-41039 5.0 Warning
CVE-2022-41057 5.0 Warning
CVE-2022-41095 5.0 Warning
KB list

5020000
5019958
5020005
5020013
5020019
5028222
5028226
5028240
5028224

Microsoft official advisories
Microsoft Security Update Guide