Kaspersky ID:
KLA12602
Дата обнаружения:
09/08/2022
Обновлено:
22/01/2024

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in Windows Local Security Authority (LSA) can be exploited remotely to cause denial of service.
  2. An elevation of privilege vulnerability in Windows Defender Credential Guard can be exploited remotely to gain privileges.
  3. An elevation of privilege vulnerability in Storage Spaces Direct can be exploited remotely to gain privileges.
  4. A security vulnerability in Windows can be exploited remotely to bypass security restrictions.
  5. An elevation of privilege vulnerability in Windows Partition Management Driver can be exploited remotely to gain privileges.
  6. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
  7. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  8. A remote code execution vulnerability in Windows WebBrowser Control can be exploited remotely to execute arbitrary code.
  9. A remote code execution vulnerability in Windows Point-to-Point Protocol (PPP) can be exploited remotely to execute arbitrary code.
  10. A remote code execution vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) can be exploited remotely to execute arbitrary code.
  11. A security feature bypass vulnerability in Windows Defender Credential Guard can be exploited remotely to bypass security restrictions.
  12. An information disclosure vulnerability in Windows Defender Credential Guard can be exploited remotely to obtain sensitive information.
  13. A denial of service vulnerability in Windows Point-to-Point Protocol (PPP) can be exploited remotely to cause denial of service.
  14. A remote code execution vulnerability in SMB Client and Server can be exploited remotely to execute arbitrary code.
  15. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  16. An elevation of privilege vulnerability in Windows Error Reporting Service can be exploited remotely to gain privileges.
  17. An elevation of privilege vulnerability in Microsoft ATA Port Driver can be exploited remotely to gain privileges.
  18. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
  19. A remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) can be exploited remotely to execute arbitrary code.
  20. A remote code execution vulnerability in Windows Bluetooth Service can be exploited remotely to execute arbitrary code.
  21. An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
  22. An elevation of privilege vulnerability in Windows Fax Service can be exploited remotely to gain privileges.
  23. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  24. A denial of service vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) can be exploited remotely to cause denial of service.
  25. An elevation of privilege vulnerability in Active Directory Domain Services can be exploited remotely to gain privileges.
  26. An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges.
  27. An elevation of privilege vulnerability in Windows Bluetooth Driver can be exploited remotely to gain privileges.
  28. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
  29. An elevation of privilege vulnerability in Windows Local Security Authority (LSA) can be exploited remotely to gain privileges.
  30. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
  31. An elevation of privilege vulnerability in Unified Write Filter can be exploited remotely to gain privileges.
  32. A denial of service vulnerability in HTTP.sys can be exploited remotely to cause denial of service.
  33. An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
  34. A security feature bypass vulnerability in Windows Hello can be exploited remotely to bypass security restrictions.
  35. A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
  36. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.

Первичный источник обнаружения

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2022-35759
    warning
  • CVE-2022-34705
    warning
  • CVE-2022-35765
    warning
  • CVE-2022-34303
    warning
  • CVE-2022-35763
    warning
  • CVE-2022-34703
    warning
  • CVE-2022-35751
    warning
  • CVE-2022-34707
    warning
  • CVE-2022-30194
    warning
  • CVE-2022-35771
    warning
  • CVE-2022-35744
    warning
  • CVE-2022-34714
    warning
  • CVE-2022-34301
    warning
  • CVE-2022-35794
    warning
  • CVE-2022-35766
    warning
  • CVE-2022-34709
    warning
  • CVE-2022-34704
    warning
  • CVE-2022-35767
    warning
  • CVE-2022-35769
    warning
  • CVE-2022-35804
    warning
  • CVE-2022-30197
    warning
  • CVE-2022-35795
    warning
  • CVE-2022-35760
    warning
  • CVE-2022-35793
    warning
  • CVE-2022-35747
    warning
  • CVE-2022-35743
    warning
  • CVE-2022-35764
    warning
  • CVE-2022-30144
    warning
  • CVE-2022-35761
    warning
  • CVE-2022-35762
    warning
  • CVE-2022-34702
    warning
  • CVE-2022-35757
    warning
  • CVE-2022-34690
    warning
  • CVE-2022-35745
    warning
  • CVE-2022-35750
    warning
  • CVE-2022-34708
    warning
  • CVE-2022-35792
    warning
  • CVE-2022-35753
    warning
  • CVE-2022-34712
    warning
  • CVE-2022-34701
    warning
  • CVE-2022-34691
    warning
  • CVE-2022-34302
    warning
  • CVE-2022-35746
    warning
  • CVE-2022-34713
    warning
  • CVE-2022-35820
    warning
  • CVE-2022-34696
    warning
  • CVE-2022-33670
    warning
  • CVE-2022-34706
    warning
  • CVE-2022-34699
    warning
  • CVE-2022-35754
    warning
  • CVE-2022-35748
    warning
  • CVE-2022-30133
    warning
  • CVE-2022-35758
    warning
  • CVE-2022-35755
    warning
  • CVE-2022-35797
    warning
  • CVE-2022-35749
    warning
  • CVE-2022-35768
    warning
  • CVE-2022-35752
    warning
  • CVE-2022-34715
    warning
  • CVE-2022-34710
    warning
  • CVE-2022-35756
    warning

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.