Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Vulnerabilities

Multiple vulnerabilities were found in Microsoft Windows

Kaspersky ID:
KLA90840
Detect Date:
01/13/2026
Updated:
01/14/2026

Description

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information, cause denial of service, spoof user interface.

Below is a complete list of vulnerabilities:

  1. An elevation of privilege vulnerability in Windows Virtualization-Based Security (VBS) Enclave can be exploited remotely to gain privileges.
  2. An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
  3. A remote code execution vulnerability in Windows Server Update Service (WSUS) can be exploited remotely to execute arbitrary code.
  4. An elevation of privilege vulnerability in Capability Access Management Service (camsvc) can be exploited remotely to gain privileges.
  5. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  6. An information disclosure vulnerability in Remote Procedure Call can be exploited remotely to obtain sensitive information.
  7. An elevation of privilege vulnerability in Windows Management Services can be exploited remotely to gain privileges.
  8. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  9. An information disclosure vulnerability in Tablet Windows User Interface (TWINUI) Subsystem can be exploited remotely to gain privileges.
  10. A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
  11. An elevation of privilege vulnerability in DirectX Graphics Kernel can be exploited remotely to gain privileges.
  12. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  13. An information disclosure vulnerability in Windows Client-Side Caching (CSC) Service can be exploited remotely to obtain sensitive information.
  14. An elevation of privilege vulnerability in Windows Clipboard Server can be exploited remotely to gain privileges.
  15. A remote code execution vulnerability in Windows Local Security Authority Subsystem Service (LSASS) can be exploited remotely to execute arbitrary code.
  16. A denial of service vulnerability in Windows SMB Server can be exploited remotely to cause denial of service.
  17. A remote code execution vulnerability in Windows Deployment Services can be exploited remotely to execute arbitrary code.
  18. A spoofing vulnerability in NTLM Hash Disclosure can be exploited remotely to spoof user interface.
  19. An elevation of privilege vulnerability in Windows Motorola Soft Modem Driver can be exploited remotely to gain privileges.
  20. An information disclosure vulnerability in Dynamic Root of Trust for Measurement (DRTM) can be exploited remotely to obtain sensitive information.
  21. An information disclosure vulnerability in Windows Kerberos can be exploited remotely to obtain sensitive information.
  22. An elevation of privilege vulnerability in Windows Error Reporting Service can be exploited remotely to gain privileges.
  23. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
  24. An elevation of privilege vulnerability in MITRE: CVE-2023-31096 Windows Agere Soft Modem Driver can be exploited remotely to gain privileges.
  25. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  26. A tampering vulnerability in Windows Hello can be exploited remotely to spoof user interface.
  27. An information disclosure vulnerability in Capability Access Management Service (camsvc) can be exploited remotely to obtain sensitive information.
  28. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
  29. An information disclosure vulnerability in Windows Virtualization-Based Security (VBS) can be exploited remotely to obtain sensitive information.
  30. A remote code execution vulnerability in Windows NTFS can be exploited remotely to execute arbitrary code.
  31. An information disclosure vulnerability in Windows File Explorer can be exploited remotely to obtain sensitive information.
  32. An elevation of privilege vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to gain privileges.
  33. A tampering vulnerability in LDAP can be exploited remotely to spoof user interface.
  34. An elevation of privilege vulnerability in Windows Connected Devices Platform Service can be exploited remotely to gain privileges.
  35. A spoofing vulnerability in Microsoft Windows File Explorer can be exploited remotely to spoof user interface.
  36. A security feature bypass vulnerability in Windows Remote Assistance can be exploited remotely to bypass security restrictions.
  37. An elevation of privilege vulnerability in Windows File Explorer can be exploited remotely to gain privileges.
  38. An elevation of privilege vulnerability in Windows SMB Server can be exploited remotely to gain privileges.
  39. An elevation of privilege vulnerability in Windows Local Session Manager (LSM) can be exploited remotely to gain privileges.
  40. An elevation of privilege vulnerability in Desktop Windows Manager can be exploited remotely to gain privileges.
  41. An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
  42. An information disclosure vulnerability in Windows NDIS can be exploited remotely to obtain sensitive information.
  43. An information disclosure vulnerability in TPM Trustlet can be exploited remotely to obtain sensitive information.
  44. An elevation of privilege vulnerability in Microsoft DWM Core Library can be exploited remotely to gain privileges.
  45. An elevation of privilege vulnerability in Windows Telephony Service can be exploited remotely to gain privileges.
  46. An information disclosure vulnerability in Windows Management Services can be exploited remotely to obtain sensitive information.
  47. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
  48. An elevation of privilege vulnerability in Windows WalletService can be exploited remotely to gain privileges.
  49. An information disclosure vulnerability in Windows rndismp6.sys can be exploited remotely to obtain sensitive information.
  50. An information disclosure vulnerability in Desktop Window Manager can be exploited remotely to obtain sensitive information.
  51. An information disclosure vulnerability in Windows Hyper-V can be exploited remotely to obtain sensitive information.
  52. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
  53. An elevation of privilege vulnerability in Windows Remote Procedure Call Interface Definition Language (IDL) can be exploited remotely to gain privileges.
  54. An elevation of privilege vulnerability in Windows Kernel Memory can be exploited remotely to gain privileges.
  55. An information disclosure vulnerability in Tablet Windows User Interface (TWINUI) Subsystem can be exploited remotely to obtain sensitive information.
  56. A security feature bypass vulnerability in Secure Boot Certificate Expiration can be exploited remotely to bypass security restrictions.
  57. A spoofing vulnerability in Windows can be exploited remotely to spoof user interface.
  58. A denial of service vulnerability in Windows Local Security Authority Subsystem Service (LSASS) can be exploited remotely to cause denial of service.
  59. An elevation of privilege vulnerability in Windows HTTP.sys can be exploited remotely to gain privileges.
  60. An elevation of privilege vulnerability in Host Process for Windows Tasks can be exploited remotely to gain privileges.
  61. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.

Original advisories

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

CVE list

  • CVE-2023-31096
    critical
  • CVE-2024-55414
    critical
  • CVE-2026-0386
    critical
  • CVE-2026-20804
    critical
  • CVE-2026-20805
    high
  • CVE-2026-20808
    high
  • CVE-2026-20809
    critical
  • CVE-2026-20810
    critical
  • CVE-2026-20811
    critical
  • CVE-2026-20812
    high
  • CVE-2026-20814
    high
  • CVE-2026-20815
    high
  • CVE-2026-20816
    high
  • CVE-2026-20817
    critical
  • CVE-2026-20818
    high
  • CVE-2026-20819
    high
  • CVE-2026-20820
    critical
  • CVE-2026-20821
    high
  • CVE-2026-20822
    critical
  • CVE-2026-20823
    high
  • CVE-2026-20824
    high
  • CVE-2026-20825
    warning
  • CVE-2026-20826
    critical
  • CVE-2026-20827
    high
  • CVE-2026-20828
    warning
  • CVE-2026-20829
    high
  • CVE-2026-20830
    high
  • CVE-2026-20831
    critical
  • CVE-2026-20832
    critical
  • CVE-2026-20833
    high
  • CVE-2026-20834
    warning
  • CVE-2026-20835
    high
  • CVE-2026-20836
    high
  • CVE-2026-20837
    critical
  • CVE-2026-20838
    high
  • CVE-2026-20839
    high
  • CVE-2026-20840
    critical
  • CVE-2026-20842
    high
  • CVE-2026-20843
    critical
  • CVE-2026-20844
    high
  • CVE-2026-20847
    high
  • CVE-2026-20848
    critical
  • CVE-2026-20849
    critical
  • CVE-2026-20851
    high
  • CVE-2026-20852
    critical
  • CVE-2026-20853
    high
  • CVE-2026-20854
    critical
  • CVE-2026-20856
    critical
  • CVE-2026-20857
    critical
  • CVE-2026-20858
    critical
  • CVE-2026-20859
    critical
  • CVE-2026-20860
    critical
  • CVE-2026-20861
    critical
  • CVE-2026-20862
    high
  • CVE-2026-20863
    high
  • CVE-2026-20864
    critical
  • CVE-2026-20865
    critical
  • CVE-2026-20866
    critical
  • CVE-2026-20867
    critical
  • CVE-2026-20868
    critical
  • CVE-2026-20869
    high
  • CVE-2026-20870
    critical
  • CVE-2026-20871
    critical
  • CVE-2026-20872
    high
  • CVE-2026-20873
    critical
  • CVE-2026-20874
    critical
  • CVE-2026-20875
    critical
  • CVE-2026-20876
    high
  • CVE-2026-20877
    critical
  • CVE-2026-20918
    critical
  • CVE-2026-20919
    critical
  • CVE-2026-20920
    critical
  • CVE-2026-20921
    critical
  • CVE-2026-20922
    critical
  • CVE-2026-20923
    critical
  • CVE-2026-20924
    critical
  • CVE-2026-20925
    high
  • CVE-2026-20926
    critical
  • CVE-2026-20927
    high
  • CVE-2026-20929
    critical
  • CVE-2026-20931
    critical
  • CVE-2026-20932
    high
  • CVE-2026-20934
    critical
  • CVE-2026-20935
    high
  • CVE-2026-20936
    warning
  • CVE-2026-20937
    high
  • CVE-2026-20938
    critical
  • CVE-2026-20939
    high
  • CVE-2026-20940
    critical
  • CVE-2026-20941
    critical
  • CVE-2026-20962
    warning
  • CVE-2026-21221
    high
  • CVE-2026-21265
    high

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
29 December 2025
Securelist
The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor
25 December 2025
Securelist
Threat landscape for industrial automation systems in Q3 2025
24 December 2025
Securelist
Evasive Panda APT poisons DNS requests to deliver MgBot
23 December 2025
Securelist
Assessing SIEM effectiveness
23 December 2025
Securelist
From cheats to exploits: Webrat spreading via GitHub
19 December 2025
Securelist
Cloud Atlas activity in the first half of 2025: what changed
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Kaspersky ID
Vulnerability
Detect date
Severity
Confirm changes?
Your message has been sent successfully.