Kaspersky Threats

Дата обнаружения

14/02/2023

Уровень угрозы

Critical

Описание

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, gain privileges, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

An information disclosure vulnerability in Windows Internet Storage Name Service (iSNS) Server can be exploited remotely to obtain sensitive information.
An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
A remote code execution vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Windows iSCSI Discovery Service can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
A remote code execution vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to execute arbitrary code.
An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
An information disclosure vulnerability in Microsoft PostScript Printer Driver can be exploited remotely to obtain sensitive information.
A denial of service vulnerability in Windows Active Directory Domain Services API can be exploited remotely to cause denial of service.
A remote code execution vulnerability in Windows MSHTML Platform can be exploited remotely to execute arbitrary code.
A denial of service vulnerability in Windows Secure Channel can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
A denial of service vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to cause denial of service.
An elevation of privilege vulnerability in NT OS Kernel can be exploited remotely to gain privileges.
A remote code execution vulnerability in Windows Distributed File System (DFS) can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in HTTP.sys can be exploited remotely to obtain sensitive information.
A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
A denial of service vulnerability in Windows iSCSI Discovery Service can be exploited remotely to cause denial of service.
A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
A denial of service vulnerability in Windows iSCSI Service can be exploited remotely to cause denial of service.
A remote code execution vulnerability in Windows Media can be exploited remotely to execute arbitrary code.
A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
An information disclosure vulnerability in Microsoft Protected Extensible Authentication Protocol (PEAP) can be exploited remotely to obtain sensitive information.

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Пораженные продукты

Windows Server 2019 (Server Core installation)
Windows 11 Version 22H2 for x64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 10 Version 22H2 for x64-based Systems
Windows Server 2012 R2 (Server Core installation)
Windows Server 2019
Windows 10 Version 1809 for x64-based Systems
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows Server 2022 (Server Core installation)
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 for 32-bit Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows 10 Version 22H2 for ARM64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 21H2 for x64-based Systems
Windows Server 2012
Windows 11 version 21H2 for x64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 1809 for 32-bit Systems
Windows 10 for x64-based Systems
Windows Server 2012 R2
Windows 10 Version 22H2 for 32-bit Systems
Windows Server 2022
Windows Server 2012 (Server Core installation)
Windows Server 2016
Windows Server 2016 (Server Core installation)
Windows 10 Version 20H2 for x64-based Systems

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения

CVE-2023-21699
CVE-2023-21804
CVE-2023-21801
CVE-2023-21803
CVE-2023-21823
CVE-2023-21689
CVE-2023-21690
CVE-2023-21817
CVE-2023-21693
CVE-2023-21816
CVE-2023-21805
CVE-2023-21819
CVE-2023-21812
CVE-2023-21701
CVE-2023-21688
CVE-2023-21822
CVE-2023-21820
CVE-2023-21687
CVE-2023-21694
CVE-2023-21695
CVE-2023-21700
CVE-2023-21685
CVE-2023-21799
CVE-2023-21818
CVE-2023-21697
CVE-2023-21811
CVE-2023-21684
CVE-2023-21692
CVE-2023-21702
CVE-2023-23376
CVE-2023-21686
CVE-2023-21802
CVE-2023-21797
CVE-2023-21813
CVE-2023-21798
CVE-2023-21691

Оказываемое влияние

?

ACE

[?]

OSI

[?]

DoS

[?]

PE

[?]

Связанные продукты

Microsoft Windows
Microsoft Windows Server
Microsoft Windows Server 2012
Microsoft Windows 10
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows 11

CVE-IDS

KB list

5022835
5022836
5022840
5022842
5022838
5022845
5022903
5022858
5022834
5022899
5022894
5022895
5022921

KLA20233Multiple vulnerabilities in Microsoft Windows

KLA20233
Multiple vulnerabilities in Microsoft Windows