KLA20045
Multiple vulnerabilities in Microsoft Products (ESU)

Updated: 01/22/2024
Detect date: 11/08/2022
Severity: Critical
Description

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code, and obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
  2. An elevation of privilege vulnerability in Windows Kerberos RC4-HMAC can be exploited remotely to gain privileges.
  3. A denial of service vulnerability in Windows Point-to-Point Tunneling Protocol can be exploited remotely to cause denial of service.
  4. An elevation of privilege vulnerability in Windows Advanced Local Procedure Call (ALPC) can be exploited remotely to gain privileges.
  5. A remote code execution vulnerability in Windows Scripting Languages can be exploited remotely to execute arbitrary code.
  6. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
  7. An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
  8. A denial of service vulnerability in Windows Kerberos can be exploited remotely to cause denial of service.
  9. An information disclosure vulnerability in Network Policy Server (NPS) RADIUS Protocol can be exploited remotely to obtain sensitive information.
  10. An information disclosure vulnerability can be exploited remotely to obtain sensitive information.
  11. A remote code execution vulnerability in Windows Point-to-Point Tunneling Protocol can be exploited remotely to execute arbitrary code.
  12. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
  13. An elevation of privilege vulnerability in Windows Group Policy can be exploited remotely to gain privileges.
  14. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
  16. A denial of service vulnerability in Network Policy Server (NPS) RADIUS Protocol can be exploited remotely to cause denial of service.
  17. An elevation of privilege vulnerability in Netlogon RPC can be exploited remotely to gain privileges.
  18. An elevation of privilege vulnerability in Windows HTTP.sys can be exploited remotely to gain privileges.
  19. An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges.
  20. An elevation of privilege vulnerability in Windows CNG Key Isolation Service can be exploited remotely to gain privileges.
Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Affected products

Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows 7 for 32-bit Systems Service Pack 1
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012
Windows Server 2012 (Server Core installation)

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Original advisories

CVE-2022-41058
CVE-2022-37966
CVE-2022-41090
CVE-2022-41045
CVE-2022-41118
CVE-2022-41048
CVE-2022-41098
CVE-2022-41053
CVE-2022-41116
CVE-2022-41097
CVE-2022-23824
CVE-2022-41044
CVE-2022-41073
CVE-2022-41047
CVE-2022-41086
CVE-2022-37967
CVE-2022-41128
CVE-2022-37992
CVE-2022-41109
CVE-2022-41056
CVE-2022-38023
CVE-2022-41039
CVE-2022-41057
CVE-2022-41095
CVE-2022-41125
CVE-2022-41088
CVE-2022-41100
CVE-2022-41093

Impacts

ACE
OSI
DoS
PE

Related products
Microsoft Windows
Microsoft Windows Server
Microsoft Windows Server 2012
Microsoft Windows 7
Microsoft Windows Server 2008

CVE-IDS

CVE-2022-41058  5.0  Warning
CVE-2022-37966  5.0  Warning
CVE-2022-41090  5.0  Warning
CVE-2022-41045  5.0  Warning
CVE-2022-41118  5.0  Warning
CVE-2022-41048  5.0  Warning
CVE-2022-41098  5.0  Warning
CVE-2022-41053  5.0  Warning
CVE-2022-41116  5.0  Warning
CVE-2022-41097  5.0  Warning
CVE-2022-23824  5.0  Warning
CVE-2022-41044  5.0  Warning
CVE-2022-41073  5.0  Warning
CVE-2022-41047  5.0  Warning
CVE-2022-41086  5.0  Warning
CVE-2022-37967  5.0  Warning
CVE-2022-41128  5.0  Warning
CVE-2022-37992  5.0  Warning
CVE-2022-41109  5.0  Warning
CVE-2022-41056  5.0  Warning
CVE-2022-38023  5.0  Warning
CVE-2022-41039  5.0  Warning
CVE-2022-41057  5.0  Warning
CVE-2022-41095  5.0  Warning
CVE-2022-41093  5.0  Warning
CVE-2022-41125  5.0  Warning
CVE-2022-41088  5.0  Warning
CVE-2022-41100  5.0  Warning

KB list

5020000
5019958
5020005
5020013
5020019
5020023
5020010
5020003
5020009
5028223
5028228
5028232
5028233
5028222
5028226
5028240
5028224
5031407
5031442
5031419
5031427
5031416
5031408
5031441
5031411

Microsoft official advisories
Microsoft Security Update Guide