Kaspersky ID:
KLA48842
Detect Date:
04/11/2023
Updated:
09/19/2024

Description

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information, spoof user interface, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  2. A remote code execution vulnerability in Windows DNS Server can be exploited remotely to execute arbitrary code.
  3. A denial of service vulnerability in Windows Kernel can be exploited remotely to cause denial of service.
  4. An information disclosure vulnerability in Remote Desktop Protocol Client can be exploited remotely to obtain sensitive information.
  5. A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
  6. A remote code execution vulnerability in Windows Network Load Balancing can be exploited remotely to execute arbitrary code.
  7. A remote code execution vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions can be exploited remotely to execute arbitrary code.
  8. A remote code execution vulnerability in Windows Pragmatic General Multicast (PGM) can be exploited remotely to execute arbitrary code.
  9. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
  10. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
  11. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  12. A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
  13. An elevation of privilege vulnerability in Windows CNG Key Isolation Service can be exploited remotely to gain privileges.
  14. A remote code execution vulnerability in DHCP Server Service can be exploited remotely to execute arbitrary code.
  15. A remote code execution vulnerability in Windows Point-to-Point Tunneling Protocol can be exploited remotely to execute arbitrary code.
  16. A remote code execution vulnerability in Layer 2 Tunneling Protocol can be exploited remotely to execute arbitrary code.
  17. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
  18. A remote code execution vulnerability in Microsoft Message Queuing can be exploited remotely to execute arbitrary code.
  19. An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
  20. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  21. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  22. An elevation of privilege vulnerability in Netlogon RPC can be exploited remotely to gain privileges.
  23. A denial of service vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) can be exploited remotely to cause denial of service.
  24. A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
  25. An elevation of privilege vulnerability in Windows Advanced Local Procedure Call (ALPC) can be exploited remotely to gain privileges.
  26. A denial of service vulnerability in Microsoft Message Queuing can be exploited remotely to cause denial of service.
  27. A remote code execution vulnerability in Windows Bluetooth Driver can be exploited remotely to execute arbitrary code.
  28. A security feature bypass vulnerability in Windows Group Policy can be exploited remotely to bypass security restrictions.
  29. A remote code execution vulnerability in Remote Procedure Call Runtime can be exploited remotely to execute arbitrary code.
  30. A remote code execution vulnerability in Microsoft SQL Server can be exploited remotely to execute arbitrary code.
  31. A remote code execution vulnerability in Windows Domain Name Service can be exploited remotely to execute arbitrary code.
  32. An information disclosure vulnerability in Windows Common Log File System Driver can be exploited remotely to obtain sensitive information.
  33. An information disclosure vulnerability in Remote Procedure Call Runtime can be exploited remotely to obtain sensitive information.
  34. A remote code execution vulnerability in Microsoft PostScript and PCL6 Class Printer Driver can be exploited remotely to execute arbitrary code.
  35. An information disclosure vulnerability in Microsoft PostScript and PCL6 Class Printer Driver can be exploited remotely to obtain sensitive information.
  36. A security feature bypass vulnerability in Windows Boot Manager can be exploited remotely to bypass security restrictions.
  37. An information disclosure vulnerability in Windows Network File System can be exploited remotely to obtain sensitive information.
  38. An elevation of privilege vulnerability in Windows Remote Procedure Call Service (RPCSS) can be exploited remotely to gain privileges.
  39. A remote code execution vulnerability in Windows Kernel can be exploited remotely to execute arbitrary code.
  40. A remote code execution vulnerability in Windows Point-to-Point Protocol over Ethernet (PPPoE) can be exploited remotely to execute arbitrary code.
 
 

 

 

Original advisories

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

CVE list

  • CVE-2023-28272
    critical
  • CVE-2023-28306
    high
  • CVE-2023-28298
    high
  • CVE-2023-28267
    high
  • CVE-2023-28228
    high
  • CVE-2023-28240
    critical
  • CVE-2023-28238
    critical
  • CVE-2023-28250
    critical
  • CVE-2023-28308
    high
  • CVE-2023-28244
    critical
  • CVE-2023-28252
    critical
  • CVE-2023-28218
    high
  • CVE-2023-24931
    critical
  • CVE-2023-28229
    high
  • CVE-2023-28293
    critical
  • CVE-2023-28231
    critical
  • CVE-2023-28232
    critical
  • CVE-2023-28219
    critical
  • CVE-2023-28275
    critical
  • CVE-2023-21554
    critical
  • CVE-2023-28271
    high
  • CVE-2023-24912
    critical
  • CVE-2023-28254
    high
  • CVE-2023-28253
    high
  • CVE-2023-28268
    critical
  • CVE-2023-28255
    high
  • CVE-2023-28305
    high
  • CVE-2023-28241
    critical
  • CVE-2023-28217
    critical
  • CVE-2023-28216
    high
  • CVE-2023-28302
    critical
  • CVE-2023-28227
    critical
  • CVE-2023-28256
    high
  • CVE-2023-28278
    high
  • CVE-2023-28276
    warning
  • CVE-2023-21727
    critical
  • CVE-2023-28222
    high
  • CVE-2023-28307
    high
  • CVE-2023-28220
    critical
  • CVE-2023-23384
    high
  • CVE-2023-28223
    high
  • CVE-2023-28266
    high
  • CVE-2023-21729
    high
  • CVE-2023-21769
    critical
  • CVE-2023-24887
    critical
  • CVE-2023-24883
    high
  • CVE-2023-28243
    critical
  • CVE-2023-28249
    high
  • CVE-2023-24886
    critical
  • CVE-2023-24929
    critical
  • CVE-2023-28237
    critical
  • CVE-2023-28236
    critical
  • CVE-2023-24928
    critical
  • CVE-2023-24925
    critical
  • CVE-2023-28269
    high
  • CVE-2023-24924
    critical
  • CVE-2023-28224
    high
  • CVE-2023-24885
    critical
  • CVE-2023-24927
    critical
  • CVE-2023-24884
    critical
  • CVE-2023-28297
    critical
  • CVE-2023-28247
    critical
  • CVE-2023-24926
    critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.