KLA20225
Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Windows Internet Storage Name Service (iSNS) Server can be exploited remotely to obtain sensitive information.
2. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
3. A remote code execution vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Windows iSCSI Discovery Service can be exploited remotely to execute arbitrary code.
5. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
6. A remote code execution vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to execute arbitrary code.
7. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
8. An information disclosure vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to obtain sensitive information.
9. A denial of service vulnerability in Windows Active Directory Domain Services API can be exploited remotely to cause denial of service.
10. A remote code execution vulnerability in Windows MSHTML Platform can be exploited remotely to execute arbitrary code.
11. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
12. A denial of service vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to cause denial of service.
13. An elevation of privilege vulnerability in NT OS Kernel can be exploited remotely to gain privileges.
14. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
15. A remote code execution vulnerability in Windows Distributed File System (DFS) can be exploited remotely to execute arbitrary code.
16. A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
17. A denial of service vulnerability in Windows iSCSI Discovery Service can be exploited remotely to cause denial of service.
18. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
19. A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
20. A denial of service vulnerability in Windows iSCSI Service can be exploited remotely to cause denial of service.
21. A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
22. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
23. An information disclosure vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to obtain sensitive information.
24. A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely to execute arbitrary code.
25. A remote code execution vulnerability in Microsoft SQL ODBC Driver can be exploited remotely to execute arbitrary code.

The following public exploits exists for this vulnerability:

https://github.com/Elizarfish/CVE-2023-21823

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Microsoft SQL Server 2008 R2 for x64-Based Systems Service Pack 3 (QFE)
Microsoft SQL Server 2008 for x64-Based Systems Service Pack 4 (QFE)
Microsoft SQL Server 2008 R2 for 32-Bit Systems Service Pack 3 (QFE)
Microsoft SQL Server 2008 for 32-bit Systems Service Pack 4 (QFE)
Microsoft SQL Server 2012 for x64-based Systems Service Pack 4 (QFE)
Microsoft SQL Server 2012 for 32-bit Systems Service Pack 4 (QFE)

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

CVE-2023-21699
CVE-2023-21800
CVE-2023-21801
CVE-2023-21803
CVE-2023-21823
CVE-2023-21689
CVE-2023-21690
CVE-2023-21817
CVE-2023-21693
CVE-2023-21816
CVE-2023-21805
CVE-2023-21812
CVE-2023-21701
CVE-2023-21688
CVE-2023-21822
CVE-2023-21820
CVE-2023-21695
CVE-2023-21694
CVE-2023-21700
CVE-2023-21685
CVE-2023-21799
CVE-2023-21818
CVE-2023-21697
CVE-2023-21811
CVE-2023-21684
CVE-2023-21692
CVE-2023-21702
CVE-2023-23376
CVE-2023-21686
CVE-2023-21802
CVE-2023-21797
CVE-2023-21813
CVE-2023-21798
CVE-2023-21691
CVE-2023-21705
CVE-2023-21528
CVE-2023-21713
CVE-2023-21718

5022893
5022890
5022872
5022874
5022835
5021123
5021112
5020863