Multiple vulnerabilities in Microsoft Products (ESU)

Описание

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, cause denial of service, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows ALPC can be exploited remotely to gain privileges.
2. A spoofing vulnerability in Windows CryptoAPI can be exploited remotely to spoof user interface.
3. An information disclosure vulnerability in Windows Graphics Component can be exploited remotely to obtain sensitive information.
4. An elevation of privilege vulnerability in Windows Group Policy can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Active Directory Domain Services can be exploited remotely to gain privileges.
6. A denial of service vulnerability in Windows Event Logging Service can be exploited remotely to cause denial of service.
7. A remote code execution vulnerability in Windows Point-to-Point Tunneling Protocol can be exploited remotely to execute arbitrary code.
8. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
9. An elevation of privilege vulnerability in Windows Group Policy Preference Client can be exploited remotely to gain privileges.
10. A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
11. A denial of service vulnerability in Windows TCP/IP Driver can be exploited remotely to cause denial of service.
12. An elevation of privilege vulnerability in Windows Workstation Service can be exploited remotely to gain privileges.
13. A denial of service vulnerability in Local Security Authority Subsystem Service (LSASS) can be exploited remotely to cause denial of service.
14. An information disclosure vulnerability in Windows Server Remotely Accessible Registry Keys can be exploited remotely to obtain sensitive information.
15. An elevation of privilege vulnerability in Windows Client Server Run-time Subsystem (CSRSS) can be exploited remotely to gain privileges.
16. A security feature bypass vulnerability in Windows Active Directory Certificate Services can be exploited remotely to bypass security restrictions.
17. An elevation of privilege vulnerability in Windows COM+ Event System Service can be exploited remotely to gain privileges.
18. A security feature bypass vulnerability in Windows Portable Device Enumerator Service can be exploited remotely to bypass security restrictions.
19. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
20. An elevation of privilege vulnerability in Active Directory Certificate Services can be exploited remotely to gain privileges.
21. A remote code execution vulnerability in Windows CD-ROM File System Driver can be exploited remotely to execute arbitrary code.
22. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
23. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
24. A remote code execution vulnerability in Windows GDI+ can be exploited remotely to execute arbitrary code.
25. An information disclosure vulnerability in Windows Security Support Provider Interface can be exploited remotely to obtain sensitive information.
26. An information disclosure vulnerability in Windows DHCP Client can be exploited remotely to obtain sensitive information.
27. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
28. A spoofing vulnerability in Windows NTLM can be exploited remotely to spoof user interface.
29. An elevation of privilege vulnerability in Windows Storage can be exploited remotely to gain privileges.
30. An information disclosure vulnerability in Windows Kernel Memory can be exploited remotely to obtain sensitive information.
31. A denial of service vulnerability in Windows Point-to-Point Tunneling Protocol can be exploited remotely to cause denial of service.
32. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
33. An elevation of privilege vulnerability in Windows WLAN Service can be exploited remotely to gain privileges.
34. An elevation of privilege vulnerability in Server Service Remote Protocol can be exploited remotely to gain privileges.

Первичный источник обнаружения

• CVE-2022-41033
  CVE-2022-38029
  CVE-2022-37994
  CVE-2022-34689
  CVE-2022-37985
  CVE-2022-37975
  CVE-2022-37999
  CVE-2022-38032
  CVE-2022-38051
  CVE-2022-37976
  CVE-2022-38042
  CVE-2022-38047
  CVE-2022-38044
  CVE-2022-37981
  CVE-2022-24504
  CVE-2022-38040
  CVE-2022-33634
  CVE-2022-37990
  CVE-2022-37982
  CVE-2022-37997
  CVE-2022-33635
  CVE-2022-22035
  CVE-2022-38038
  CVE-2022-38043
  CVE-2022-37988
  CVE-2022-37991
  CVE-2022-37993
  CVE-2022-38026
  CVE-2022-38041
  CVE-2022-30198
  CVE-2022-33645
  CVE-2022-38034
  CVE-2022-37977
  CVE-2022-38033
  CVE-2022-38022
  CVE-2022-37986
  CVE-2022-38037
  CVE-2022-41081
  CVE-2022-37987
  CVE-2022-38031
  CVE-2022-38000
  CVE-2022-35770
  CVE-2022-37989
  CVE-2022-37978
  CVE-2022-38027
  CVE-2022-37996
  CVE-2022-37965
  CVE-2022-38028
  CVE-2022-37984
  CVE-2022-38045
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-7
• Microsoft-Windows-Server-2008

Список CVE

• CVE-2022-38029
  high
• CVE-2022-34689
  critical
• CVE-2022-37985
  high
• CVE-2022-37975
  critical
• CVE-2022-37996
  high
• CVE-2022-37965
  high
• CVE-2022-38042
  high
• CVE-2022-37984
  critical
• CVE-2022-37981
  warning
• CVE-2022-24504
  critical
• CVE-2022-33634
  critical
• CVE-2022-37990
  critical
• CVE-2022-38038
  critical
• CVE-2022-37991
  critical
• CVE-2022-37993
  critical
• CVE-2022-38041
  critical
• CVE-2022-38027
  high
• CVE-2022-33645
  critical
• CVE-2022-38034
  critical
• CVE-2022-37977
  high
• CVE-2022-38033
  high
• CVE-2022-38037
  critical
• CVE-2022-38028
  critical
• CVE-2022-38000
  critical
• CVE-2022-37989
  critical
• CVE-2022-37978
  critical
• CVE-2022-41033
  critical
• CVE-2022-37994
  critical
• CVE-2022-37999
  critical
• CVE-2022-38032
  high
• CVE-2022-38045
  critical
• CVE-2022-38051
  critical
• CVE-2022-37976
  critical
• CVE-2022-38047
  critical
• CVE-2022-38044
  critical
• CVE-2022-38040
  critical
• CVE-2022-37982
  critical
• CVE-2022-37997
  critical
• CVE-2022-33635
  critical
• CVE-2022-22035
  critical
• CVE-2022-38043
  high
• CVE-2022-37988
  critical
• CVE-2022-38026
  high
• CVE-2022-30198
  critical
• CVE-2022-38022
  warning
• CVE-2022-37986
  critical
• CVE-2022-41081
  critical
• CVE-2022-37987
  critical
• CVE-2022-38031
  critical
• CVE-2022-35770
  high

Список KB

• 5016672
• 5016622
• 5016683
• 5016684
• 5016681
• 5016686
• 5016669
• 5016679
• 5016676
• 5018474
• 5018478
• 5018476
• 5018457
• 5018446
• 5018479
• 5018450
• 5018454

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com