説明
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions, gain privileges, cause denial of service, spoof user interface.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Windows LDAP can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Server Service can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
- A security feature bypass vulnerability in BitLocker can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Remote Procedure Call Runtime can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Graphics Component can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Remote Desktop Protocol (RDP) can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Address Book can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Point-to-Point Tunneling Protocol can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to cause denial of service.
- A spoofing vulnerability in Windows LSA can be exploited remotely to to spoof user interface.
- A remote code execution vulnerability in Microsoft Windows Media Foundation can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Cluster Shared Volume (CSV) can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Clustered Shared Volume can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Active Directory Domain Services can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Failover Cluster can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Windows Push Notifications Apps can be exploited remotely to gain privileges.
- An elevation of privilege vulnerability in Tablet Windows User Interface Application Core can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows Clustered Shared Volume can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows NTFS can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Windows Clustered Shared Volume can be exploited remotely to obtain sensitive information.
オリジナルアドバイザリー
- CVE-2022-22019
- CVE-2022-29139
- CVE-2022-29129
- CVE-2022-29141
- CVE-2022-29132
- CVE-2022-29130
- CVE-2022-29128
- CVE-2022-26936
- CVE-2022-29115
- CVE-2022-29127
- CVE-2022-22012
- CVE-2022-26931
- CVE-2022-22013
- CVE-2022-29112
- CVE-2022-26937
- CVE-2022-29103
- CVE-2022-22015
- CVE-2022-26926
- CVE-2022-23270
- CVE-2022-29121
- CVE-2022-21972
- CVE-2022-26925
- CVE-2022-29105
- CVE-2022-22011
- CVE-2022-26935
- CVE-2022-26934
- CVE-2022-22014
- CVE-2022-29150
- CVE-2022-29114
- CVE-2022-29138
- CVE-2022-26923
- CVE-2022-29135
- CVE-2022-29104
- CVE-2022-29102
- CVE-2022-26930
- CVE-2022-29151
- CVE-2022-29125
- CVE-2022-29126
- CVE-2022-29123
- CVE-2022-26933
- CVE-2022-29120
- CVE-2022-29134
- CVE-2022-29122
エクスプロイテーション
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
関連製品
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
CVEリスト
- CVE-2022-29137 critical
- CVE-2022-26936 high
- CVE-2022-29115 critical
- CVE-2022-29127 warning
- CVE-2022-22012 critical
- CVE-2022-26931 critical
- CVE-2022-22013 critical
- CVE-2022-22019 critical
- CVE-2022-29139 critical
- CVE-2022-29129 critical
- CVE-2022-29141 critical
- CVE-2022-29112 high
- CVE-2022-26937 critical
- CVE-2022-29103 critical
- CVE-2022-22015 high
- CVE-2022-29132 critical
- CVE-2022-29130 critical
- CVE-2022-26926 critical
- CVE-2022-23270 critical
- CVE-2022-29121 high
- CVE-2022-21972 critical
- CVE-2022-26925 high
- CVE-2022-29105 critical
- CVE-2022-22011 high
- CVE-2022-26935 high
- CVE-2022-29128 critical
- CVE-2022-26934 high
- CVE-2022-22014 critical
- CVE-2022-29104 critical
- CVE-2022-29102 high
- CVE-2022-29151 high
- CVE-2022-29122 high
- CVE-2022-29150 high
- CVE-2022-29125 high
- CVE-2022-29138 high
- CVE-2022-26933 high
- CVE-2022-29135 high
- CVE-2022-29134 high
- CVE-2022-26923 critical
- CVE-2022-26930 high
- CVE-2022-29123 high
- CVE-2022-29120 high
- CVE-2022-29126 high
- CVE-2022-29114 high
KBリスト
も参照してください
お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com
この脆弱性についての記述に不正確な点がありますか? お知らせください!