KLA11394 Multiple vulnerabilities in Microsoft Windows

Multiple serious vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information and execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Data Sharing Service can be exploited remotely via specially crafted application to gain privileges.
2. An information disclosure vulnerability in Windows Kernel can be exploited remotely via specially crafted application to obtain sensitive information.
3. An elevation of privilege vulnerability in Windows Runtime can be exploited remotely via specially crafted application to gain privileges.
4. A remote code execution vulnerability in Jet Database Engine can be exploited remotely via specially crafted file to execute arbitrary code.
5. An elevation of privilege vulnerability in Microsoft XmlDocument can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Microsoft Windows can be exploited remotely via specially crafted application to gain privileges.
7. A remote code execution vulnerability in Windows DHCP Client can be exploited remotely via specially crafted application to execute arbitrary code.
8. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via specially crafted application to execute arbitrary code.
9. An information disclosure vulnerability in Windows Subsystem for Linux can be exploited remotely via specially crafted application to obtain sensitive information.
10. An elevation of privilege vulnerability in Windows COM can be exploited remotely via specially crafted application to gain privileges.

Original advisories

CVE-2019-0572

CVE-2019-0549

CVE-2019-0570

CVE-2019-0583

CVE-2019-0555

CVE-2019-0543

CVE-2019-0580

CVE-2019-0571

CVE-2019-0547

CVE-2019-0574

CVE-2019-0550

CVE-2019-0569

CVE-2019-0551

CVE-2019-0553

CVE-2019-0573

CVE-2019-0577

CVE-2019-0554

CVE-2019-0581

CVE-2019-0582

CVE-2019-0579

CVE-2019-0536

CVE-2019-0578

CVE-2019-0584

CVE-2019-0552

CVE-2019-0538

CVE-2019-0576

CVE-2019-0575

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

CVE list

CVE-2019-0572 high

CVE-2019-0549 warning

CVE-2019-0570 warning

CVE-2019-0583 critical

CVE-2019-0555 warning

CVE-2019-0543 warning

CVE-2019-0580 critical

CVE-2019-0571 high

CVE-2019-0547 critical

CVE-2019-0574 high

CVE-2019-0550 critical

CVE-2019-0569 warning

CVE-2019-0551 critical

CVE-2019-0553 warning

CVE-2019-0573 high

CVE-2019-0577 critical

CVE-2019-0554 warning

CVE-2019-0581 critical

CVE-2019-0582 critical

CVE-2019-0579 critical

CVE-2019-0536 warning

CVE-2019-0578 critical

CVE-2019-0584 critical

CVE-2019-0552 warning

CVE-2019-0538 critical

CVE-2019-0576 critical

CVE-2019-0575 critical

KB list

4480978

4480962

4480966

4480116

4480961

4480973

4480963

4480964

4480972

4480975

4487020

4487017

4486996

4487026

4487025

4487044

4487018

4487028

4487000

4486993

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Windows 10 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2016 (Server Core installation)Windows 10 Version 1607 for 32-bit SystemsWindows 10 Version 1709 for ARM64-based SystemsWindows 10 Version 1803 for x64-based SystemsWindows Server 2019Windows 10 Version 1809 for 32-bit SystemsWindows 10 for x64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows Server, version 1709 (Server Core Installation)Windows Server, version 1803 (Server Core Installation)Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1703 for x64-based SystemsWindows 10 Version 1709 for 32-bit SystemsWindows 10 Version 1803 for ARM64-based SystemsWindows 10 Version 1709 for 64-based SystemsWindows Server 2019 (Server Core installation)Windows Server 2016Windows 10 Version 1607 for x64-based SystemsWindows 10 Version 1703 for 32-bit SystemsWindows 8.1 for x64-based systemsWindows Server 2012 R2 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows RT 8.1Windows Server 2008 for Itanium-Based Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2Windows 8.1 for 32-bit systemsWindows Server 2012Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2012 R2Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2012 (Server Core installation)