KLA12569
Multiple vulnerabilities in Microsoft Windows

Updated: 22/01/2024
Detection date
14/06/2022
Threat level
Critical
Description

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, gain privileges, execute arbitrary code, bypass security restrictions, and spoof the user interface.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
  2. An information disclosure vulnerability in microarchitectural fill buffers on some Intel Processors can be exploited to obtain sensitive information.
  3. An elevation of privilege vulnerability in Windows Advanced Local Procedure Call can be exploited remotely to gain privileges.
  4. An information disclosure vulnerability in multi-core shared buffers for some Intel Processors can be exploited to obtain sensitive information.
  5. An information disclosure vulnerability in specific special register write operations for some Intel Processors can be exploited to obtain sensitive information.
  6. A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to execute arbitrary code.
  7. An elevation of privilege vulnerability in Windows Ancillary Function Driver for WinSock can be exploited remotely to gain privileges.
  8. A remote code execution vulnerability in Windows File History can be exploited remotely to execute arbitrary code.
  9. An information disclosure vulnerability in specific special register read operations for some Intel Processors can be exploited to obtain sensitive information.
  10. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
  11. An elevation of privilege vulnerability in Local Security Authority Subsystem Service can be exploited remotely to gain privileges.
  12. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
  13. A denial of service vulnerability in Windows Kernel can be exploited remotely to cause denial of service.
  14. An elevation of privilege vulnerability in Windows Media Center can be exploited remotely to gain privileges.
  15. A remote code execution vulnerability in Windows iSCSI Discovery Service can be exploited remotely to execute arbitrary code.
  16. A remote code execution vulnerability in HEVC Video Extensions can be exploited remotely to execute arbitrary code.
  17. An elevation of privilege vulnerability in Windows Container Isolation FS Filter Driver can be exploited remotely to gain privileges.
  18. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  19. An elevation of privilege vulnerability in Windows Defender Remote Credential Guard can be exploited remotely to gain privileges.
  20. A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
  21. A denial of service vulnerability in Windows SMB can be exploited remotely to cause denial of service.
  22. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
  23. An elevation of privilege vulnerability in Microsoft File Server Shadow Copy Agent Service (RVSS) can be exploited remotely to gain privileges.
  24. A security feature bypass vulnerability in Kerberos AppContainer can be exploited remotely to bypass security restrictions.
  25. An information disclosure vulnerability in Windows Desired State Configuration (DSC) can be exploited remotely to obtain sensitive information.
  26. A remote code execution vulnerability in AV1 Video Extension can be exploited remotely to execute arbitrary code.
  27. An elevation of privilege vulnerability in Windows Container Manager Service can be exploited remotely to gain privileges.
  28. A spoofing vulnerability in Windows Autopilot Device Management and Enrollment Client can be exploited remotely to spoof user interface.
  29. A remote code execution vulnerability in Windows Encrypting File System (EFS) can be exploited remotely to execute arbitrary code.

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Affected products

Windows Server 2016 (Server Core installation)
Windows 10 Version 21H1 for 32-bit Systems
Windows 10 for x64-based Systems
Windows 8.1 for 32-bit systems
Windows Server 2022 Azure Edition Core Hotpatch
Windows 10 Version 21H1 for x64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2016
Windows 10 Version 1607 for x64-based Systems
Windows Server, version 20H2 (Server Core Installation)
AV1 Video Extension
Windows 11 for ARM64-based Systems
Windows RT 8.1
Windows Server 2019
Windows Server 2012
HEVC Video Extension
Windows 10 Version 21H1 for ARM64-based Systems
Windows 11 for x64-based Systems
Windows Server 2022
HEVC Video Extensions
Windows 8.1 for x64-based systems
Windows Server 2012 R2 (Server Core installation)
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows Server 2019 (Server Core installation)
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 Version 20H2 for x64-based Systems
Windows Server 2012 (Server Core installation)
Windows Server 2012 R2
Windows 10 Version 20H2 for ARM64-based Systems
Windows Server 2022 (Server Core installation)
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 1809 for x64-based Systems

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Primary detection source
CVE-2022-30152
CVE-2022-22018
CVE-2022-21125
CVE-2022-21123
CVE-2022-30131
CVE-2022-30162
CVE-2022-30150
CVE-2022-30151
CVE-2022-30136
CVE-2022-32230
CVE-2022-30165
CVE-2022-30154
CVE-2022-30164
CVE-2022-30163
CVE-2022-30155
CVE-2022-29119
CVE-2022-30135
CVE-2022-29111
CVE-2022-30153
CVE-2022-30140
CVE-2022-30160
CVE-2022-30148
CVE-2022-30167
CVE-2022-30132
CVE-2022-21166
CVE-2022-30149
CVE-2022-30139
CVE-2022-30142
CVE-2022-30161
CVE-2022-30146
CVE-2022-21127
CVE-2022-30193
CVE-2022-30147
CVE-2022-30166
CVE-2022-30189
CVE-2022-30145
CVE-2022-30141
CVE-2022-30188
CVE-2022-30143

Impact
ACE
OSI
DoS
SB
PE
SUI

Related products
Microsoft Windows
Microsoft Windows Server
Microsoft Windows Server 2012
Microsoft Windows 8
Windows RT
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 11

KB list

5013942
5013941
5013943
5013945
5014702
5014699
5014692
5014710
5014747
5014678
5014738
5014741
5014697
5014746
5014677