Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, bypass security restrictions, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A denial of service vulnerability in Windows Local Security Authority (LSA) can be exploited remotely to cause denial of service.
2. An elevation of privilege vulnerability in Windows Defender Credential Guard can be exploited remotely to gain privileges.
3. An elevation of privilege vulnerability in Storage Spaces Direct can be exploited remotely to gain privileges.
4. A security vulnerability in Windows can be exploited remotely to bypass security restrictions.
5. An elevation of privilege vulnerability in Windows Partition Management Driver can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
7. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
8. A remote code execution vulnerability in Windows WebBrowser Control can be exploited remotely to execute arbitrary code.
9. A remote code execution vulnerability in Windows Point-to-Point Protocol (PPP) can be exploited remotely to execute arbitrary code.
10. A remote code execution vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) can be exploited remotely to execute arbitrary code.
11. A security feature bypass vulnerability in Windows Defender Credential Guard can be exploited remotely to bypass security restrictions.
12. An information disclosure vulnerability in Windows Defender Credential Guard can be exploited remotely to obtain sensitive information.
13. A denial of service vulnerability in Windows Point-to-Point Protocol (PPP) can be exploited remotely to cause denial of service.
14. A remote code execution vulnerability in SMB Client and Server can be exploited remotely to execute arbitrary code.
15. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
16. An elevation of privilege vulnerability in Windows Error Reporting Service can be exploited remotely to gain privileges.
17. An elevation of privilege vulnerability in Microsoft ATA Port Driver can be exploited remotely to gain privileges.
18. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
19. A remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool (MSDT) can be exploited remotely to execute arbitrary code.
20. A remote code execution vulnerability in Windows Bluetooth Service can be exploited remotely to execute arbitrary code.
21. An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
22. An elevation of privilege vulnerability in Windows Fax Service can be exploited remotely to gain privileges.
23. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
24. A denial of service vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) can be exploited remotely to cause denial of service.
25. An elevation of privilege vulnerability in Active Directory Domain Services can be exploited remotely to gain privileges.
26. An elevation of privilege vulnerability in Windows Digital Media Receiver can be exploited remotely to gain privileges.
27. An elevation of privilege vulnerability in Windows Bluetooth Driver can be exploited remotely to gain privileges.
28. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
29. An elevation of privilege vulnerability in Windows Local Security Authority (LSA) can be exploited remotely to gain privileges.
30. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
31. An elevation of privilege vulnerability in Unified Write Filter can be exploited remotely to gain privileges.
32. A denial of service vulnerability in HTTP.sys can be exploited remotely to cause denial of service.
33. An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
34. A security feature bypass vulnerability in Windows Hello can be exploited remotely to bypass security restrictions.
35. A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
36. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2022-35759
  CVE-2022-34705
  CVE-2022-35765
  CVE-2022-34303
  CVE-2022-35763
  CVE-2022-34703
  CVE-2022-35751
  CVE-2022-34707
  CVE-2022-30194
  CVE-2022-35771
  CVE-2022-35744
  CVE-2022-34714
  CVE-2022-34301
  CVE-2022-35794
  CVE-2022-35766
  CVE-2022-34709
  CVE-2022-34704
  CVE-2022-35767
  CVE-2022-35769
  CVE-2022-35804
  CVE-2022-30197
  CVE-2022-35795
  CVE-2022-35760
  CVE-2022-35793
  CVE-2022-35747
  CVE-2022-35743
  CVE-2022-35764
  CVE-2022-30144
  CVE-2022-35761
  CVE-2022-35762
  CVE-2022-34702
  CVE-2022-35757
  CVE-2022-34690
  CVE-2022-35745
  CVE-2022-35750
  CVE-2022-34708
  CVE-2022-35792
  CVE-2022-35753
  CVE-2022-34712
  CVE-2022-34701
  CVE-2022-34691
  CVE-2022-34302
  CVE-2022-35746
  CVE-2022-34713
  CVE-2022-35820
  CVE-2022-34696
  CVE-2022-33670
  CVE-2022-34706
  CVE-2022-34699
  CVE-2022-35754
  CVE-2022-35748
  CVE-2022-30133
  CVE-2022-35758
  CVE-2022-35755
  CVE-2022-35797
  CVE-2022-35749
  CVE-2022-35768
  CVE-2022-35752
  CVE-2022-34715
  CVE-2022-34710
  CVE-2022-35756
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-8
• Windows-RT
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11

Список CVE

• CVE-2022-35759
  high
• CVE-2022-34705
  critical
• CVE-2022-35765
  critical
• CVE-2022-34303
  high
• CVE-2022-35763
  critical
• CVE-2022-34703
  critical
• CVE-2022-35751
  critical
• CVE-2022-34707
  critical
• CVE-2022-30194
  critical
• CVE-2022-35771
  critical
• CVE-2022-35744
  critical
• CVE-2022-34714
  critical
• CVE-2022-34301
  high
• CVE-2022-35794
  critical
• CVE-2022-35766
  critical
• CVE-2022-34709
  high
• CVE-2022-34704
  warning
• CVE-2022-35767
  critical
• CVE-2022-35769
  critical
• CVE-2022-35804
  critical
• CVE-2022-30197
  high
• CVE-2022-35795
  critical
• CVE-2022-35760
  critical
• CVE-2022-35793
  high
• CVE-2022-35747
  high
• CVE-2022-35743
  critical
• CVE-2022-35764
  critical
• CVE-2022-30144
  critical
• CVE-2022-35761
  critical
• CVE-2022-35762
  critical
• CVE-2022-34702
  critical
• CVE-2022-35757
  high
• CVE-2022-34690
  high
• CVE-2022-35745
  critical
• CVE-2022-35750
  critical
• CVE-2022-34708
  high
• CVE-2022-35792
  critical
• CVE-2022-35753
  critical
• CVE-2022-34712
  high
• CVE-2022-34701
  critical
• CVE-2022-34691
  critical
• CVE-2022-34302
  high
• CVE-2022-35746
  critical
• CVE-2022-34713
  critical
• CVE-2022-35820
  critical
• CVE-2022-34696
  critical
• CVE-2022-33670
  critical
• CVE-2022-34706
  critical
• CVE-2022-34699
  critical
• CVE-2022-35754
  high
• CVE-2022-35748
  critical
• CVE-2022-30133
  critical
• CVE-2022-35758
  high
• CVE-2022-35755
  high
• CVE-2022-35797
  high
• CVE-2022-35749
  critical
• CVE-2022-35768
  critical
• CVE-2022-35752
  critical
• CVE-2022-34715
  critical
• CVE-2022-34710
  high
• CVE-2022-35756
  critical

Список KB

• 5016627
• 5016622
• 5016683
• 5016639
• 5016616
• 5016623
• 5016681
• 5012170
• 5016629

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com