Multiple vulnerabilities in Microsoft Windows

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Windows Internet Storage Name Service (iSNS) Server can be exploited remotely to obtain sensitive information.
2. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
3. A remote code execution vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Windows iSCSI Discovery Service can be exploited remotely to execute arbitrary code.
5. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
6. A remote code execution vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to execute arbitrary code.
7. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
8. An information disclosure vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to obtain sensitive information.
9. A denial of service vulnerability in Windows Active Directory Domain Services API can be exploited remotely to cause denial of service.
10. A remote code execution vulnerability in Windows MSHTML Platform can be exploited remotely to execute arbitrary code.
11. A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
12. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
13. A denial of service vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to cause denial of service.
14. An elevation of privilege vulnerability in NT OS Kernel can be exploited remotely to gain privileges.
15. A remote code execution vulnerability in Windows Distributed File System (DFS) can be exploited remotely to execute arbitrary code.
16. An information disclosure vulnerability in HTTP.sys can be exploited remotely to obtain sensitive information.
17. A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
18. A denial of service vulnerability in Windows iSCSI Discovery Service can be exploited remotely to cause denial of service.
19. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
20. A denial of service vulnerability in Windows iSCSI Service can be exploited remotely to cause denial of service.
21. A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
22. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
23. An information disclosure vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2023-21699
  CVE-2023-21804
  CVE-2023-21801
  CVE-2023-21803
  CVE-2023-21823
  CVE-2023-21689
  CVE-2023-21690
  CVE-2023-21817
  CVE-2023-21693
  CVE-2023-21816
  CVE-2023-21805
  CVE-2023-21819
  CVE-2023-21812
  CVE-2023-21701
  CVE-2023-21688
  CVE-2023-21822
  CVE-2023-21820
  CVE-2023-21687
  CVE-2023-21694
  CVE-2023-21695
  CVE-2023-21700
  CVE-2023-21685
  CVE-2023-21799
  CVE-2023-21818
  CVE-2023-21697
  CVE-2023-21811
  CVE-2023-21684
  CVE-2023-21692
  CVE-2023-21702
  CVE-2023-23376
  CVE-2023-21686
  CVE-2023-21802
  CVE-2023-21797
  CVE-2023-21813
  CVE-2023-21798
  CVE-2023-21691
  

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Windows
• Microsoft-Windows-Server
• Microsoft-Windows-Server-2012
• Microsoft-Windows-10
• Microsoft-Windows-Server-2016
• Microsoft-Windows-Server-2019
• Microsoft-Windows-11

Список CVE

• CVE-2023-21699
  high
• CVE-2023-21801
  critical
• CVE-2023-21803
  critical
• CVE-2023-21823
  critical
• CVE-2023-21689
  critical
• CVE-2023-21690
  critical
• CVE-2023-21817
  critical
• CVE-2023-21693
  high
• CVE-2023-21816
  critical
• CVE-2023-21805
  critical
• CVE-2023-21812
  critical
• CVE-2023-21701
  critical
• CVE-2023-21688
  critical
• CVE-2023-21822
  critical
• CVE-2023-21820
  high
• CVE-2023-21695
  critical
• CVE-2023-21694
  high
• CVE-2023-21700
  critical
• CVE-2023-21685
  critical
• CVE-2023-21799
  critical
• CVE-2023-21818
  critical
• CVE-2023-21697
  high
• CVE-2023-21811
  critical
• CVE-2023-21684
  critical
• CVE-2023-21692
  critical
• CVE-2023-21702
  critical
• CVE-2023-23376
  critical
• CVE-2023-21686
  critical
• CVE-2023-21802
  critical
• CVE-2023-21797
  critical
• CVE-2023-21813
  critical
• CVE-2023-21798
  critical
• CVE-2023-21691
  critical
• CVE-2023-21804
  critical
• CVE-2023-21819
  critical
• CVE-2023-21687
  high

Список KB

• 5022835
• 5022836
• 5022840
• 5022842
• 5022838
• 5022845
• 5022903
• 5022858
• 5022834
• 5022899
• 5022894
• 5022895
• 5022921

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com