KLA12139 Multiple vulnerabilities in Microsoft Windows

Published: 2021-04-13 00:00:00
Source: Kaspersky Lab (threats.kaspersky.com)

CVSS2: 7.8 High
Attack Vector: NETWORK; Attack Complexity: LOW; Authentication: NONE; Confidentiality Impact: NONE; Integrity Impact: NONE; Availability Impact: COMPLETE
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

CVSS3: 8.8 High
Attack Vector: NETWORK; Attack Complexity: LOW; Privileges Required: LOW; User Interaction: NONE; Scope: UNCHANGED; Confidentiality Impact: HIGH; Integrity Impact: HIGH; Availability Impact: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.8 High (Confidence: High)

EPSS: 0.154 Low (Percentile: 95.9%)

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, execute arbitrary code, cause denial of service, and spoof the user interface.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Windows Event Tracing can be exploited remotely to obtain sensitive information.
  2. A security feature bypass vulnerability in Windows Early Launch Antimalware Driver can be exploited remotely to bypass security restrictions.
  3. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
  4. A remote code execution vulnerability in Remote Procedure Call Runtime can be exploited remotely to execute arbitrary code.
  5. A security feature bypass vulnerability in Azure AD Web Sign-in can be exploited remotely to bypass security restrictions.
  6. A remote code execution vulnerability in Raw Image Extension can be exploited remotely to execute arbitrary code.
  7. A denial of service vulnerability in Windows Console Driver can be exploited remotely to cause denial of service.
  8. An information disclosure vulnerability in Windows Overlay Filter can be exploited remotely to obtain sensitive information.
  9. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  10. A remote code execution vulnerability in Windows Media Video Decoder can be exploited remotely to execute arbitrary code.
  11. A spoofing vulnerability in Windows Installer can be exploited remotely to spoof user interface.
  12. A remote code execution vulnerability in Microsoft Internet Messaging API can be exploited remotely to execute arbitrary code.
  13. A security feature bypass vulnerability in Windows Hyper-V can be exploited remotely to bypass security restrictions.
  14. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in RPC Endpoint Mapper Service can be exploited remotely to gain privileges.
  16. An information disclosure vulnerability in Windows SMB can be exploited remotely to obtain sensitive information.
  17. An information disclosure vulnerability in Windows Hyper-V can be exploited remotely to obtain sensitive information.
  18. An elevation of privilege vulnerability in Windows Resource Manager PSM Service Extension can be exploited remotely to gain privileges.
  19. An elevation of privilege vulnerability in Diagnostics Hub Standard Collector Service can be exploited remotely to gain privileges.
  20. A remote code execution vulnerability in Windows GDI+ can be exploited remotely to execute arbitrary code.
  21. An elevation of privilege vulnerability in Windows Services and Controller App can be exploited remotely to gain privileges.
  22. An information disclosure vulnerability in Windows Media Photo Codec can be exploited remotely to obtain sensitive information.
  23. An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
  24. A denial of service vulnerability in Windows NTFS can be exploited remotely to cause denial of service.
  25. An information disclosure vulnerability in Windows Portmapping can be exploited remotely to obtain sensitive information.
  26. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  27. An elevation of privilege vulnerability in Windows Event Tracing can be exploited remotely to gain privileges.
  28. A denial of service vulnerability in Windows TCP/IP Driver can be exploited remotely to cause denial of service.
  29. A denial of service vulnerability in Windows Application Compatibility Cache can be exploited remotely to cause denial of service.
  30. An information disclosure vulnerability in Windows DNS can be exploited remotely to obtain sensitive information.
  31. An elevation of privilege vulnerability in Windows Secure Kernel Mode can be exploited remotely to gain privileges.
  32. An elevation of privilege vulnerability in Windows Speech Runtime can be exploited remotely to gain privileges.
  33. An information disclosure vulnerability in Microsoft Windows Codecs Library can be exploited remotely to obtain sensitive information.
  34. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
  35. A remote code execution vulnerability in VP9 Video Extensions can be exploited remotely to execute arbitrary code.
  36. An information disclosure vulnerability in Windows Installer can be exploited remotely to obtain sensitive information.
  37. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
  38. A security feature bypass vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to bypass security restrictions.
  39. A denial of service vulnerability in Windows AppX Deployment Server can be exploited remotely to cause denial of service.
  40. A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
  41. An information disclosure vulnerability in Windows TCP/IP can be exploited remotely to obtain sensitive information.

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Microsoft-Visual-Studio

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

CVE list

CVE-2021-28435 high

CVE-2021-28447 warning

CVE-2021-27096 critical

CVE-2021-28330 critical

CVE-2021-28338 critical

CVE-2021-27092 high

CVE-2021-28329 critical

CVE-2021-28468 critical

CVE-2021-28438 high

CVE-2021-26417 high

CVE-2021-28332 critical

CVE-2021-28309 high

CVE-2021-28342 critical

CVE-2021-27095 critical

CVE-2021-28334 critical

CVE-2021-26413 high

CVE-2021-27089 critical

CVE-2021-27094 warning

CVE-2021-28358 critical

CVE-2021-28444 high

CVE-2021-28336 critical

CVE-2021-28440 high

CVE-2021-27091 critical

CVE-2021-28325 high

CVE-2021-28441 high

CVE-2021-28320 critical

CVE-2021-28322 critical

CVE-2021-28350 critical

CVE-2021-28335 critical

CVE-2021-28352 critical

CVE-2021-27086 critical

CVE-2021-27079 high

CVE-2021-28340 critical

CVE-2021-28318 high

CVE-2021-28312 warning

CVE-2021-28446 high

CVE-2021-27072 high

CVE-2021-28331 critical

CVE-2021-27088 critical

CVE-2021-28319 critical

CVE-2021-28311 high

CVE-2021-28466 critical

CVE-2021-28356 critical

CVE-2021-28328 high

CVE-2021-28349 critical

CVE-2021-28439 critical

CVE-2021-28313 critical

CVE-2021-28315 critical

CVE-2021-28344 critical

CVE-2021-27090 critical

CVE-2021-28355 critical

CVE-2021-28339 critical

CVE-2021-28351 critical

CVE-2021-28347 critical

CVE-2021-27093 high

CVE-2021-28317 high

CVE-2021-28345 critical

CVE-2021-28314 critical

CVE-2021-28464 critical

CVE-2021-28333 critical

CVE-2021-28323 high

CVE-2021-28434 critical

CVE-2021-28437 high

CVE-2021-26416 critical

CVE-2021-28316 warning

CVE-2021-28341 critical

CVE-2021-28321 critical

CVE-2021-28436 critical

CVE-2021-28337 critical

CVE-2021-28357 critical

CVE-2021-28310 critical

CVE-2021-28324 critical

CVE-2021-28326 high

CVE-2021-28445 critical

CVE-2021-28346 critical

CVE-2021-28327 critical

CVE-2021-28353 critical

CVE-2021-26415 critical

CVE-2021-28443 high

CVE-2021-28442 high

CVE-2021-28348 critical

CVE-2021-28354 critical

CVE-2021-28343 critical

KB list

5001347

5001330

5001337

5001383

5001387

5001393

5001342

5001382

5001339

5001340

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • ACE: Arbitrary code execution. Exploitation of vulnerabilities with this impact can let an attacker execute any code or commands on the vulnerable machine or in the vulnerable process.

  • OSI: Obtain sensitive information. Exploitation of vulnerabilities with this impact can let an attacker capture information that is critical for the user or the system.

  • DoS: Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or a critical functional fault.

  • SB: Security bypass. Exploitation of vulnerabilities with this impact can let an attacker perform actions restricted by the current security settings.

  • PE: Privilege escalation. Exploitation of vulnerabilities with this impact can let an attacker perform actions that are normally disallowed for the current role.

  • SUI: Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in the user interface that deceive the user into incorrect behavior.

Affected Products

  • Windows 10 Version 2004 for ARM64-based Systems
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows 10 for 32-bit Systems
  • Windows 10 Version 1909 for ARM64-based Systems
  • Windows Server, version 1909 (Server Core installation)
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows 10 Version 2004 for x64-based Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows 10 for x64-based Systems
  • Microsoft Visual Studio 2019 version 16.7 (includes 16.0 – 16.6)
  • Windows Server 2012 R2
  • Microsoft Visual Studio 2019 version 16.4 (includes 16.0 - 16.3)
  • Windows 10 Version 1909 for 32-bit Systems
  • Windows Server 2019
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • VP9 Video Extensions
  • Windows 8.1 for x64-based systems
  • Raw Image Extension
  • Microsoft Visual Studio 2017 version 15.9 (includes 15.0 - 15.8)
  • Windows 10 Version 1909 for x64-based Systems
  • Microsoft Visual Studio 2015 Update 3
  • Windows Server 2016
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows Server 2012 (Server Core installation)
  • Windows 10 Version 2004 for 32-bit Systems
  • Windows Server 2019 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows RT 8.1
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows Server, version 2004 (Server Core installation)
  • Windows 8.1 for 32-bit systems
  • Windows 10 Version 20H2 for ARM64-based Systems
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows 10 Version 1803 for x64-based Systems
  • Windows 10 Version 1803 for 32-bit Systems
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server, version 20H2 (Server Core Installation)
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows Server 2012
  • Windows 10 Version 20H2 for x64-based Systems
  • Windows Server 2016 (Server Core installation)
  • Windows Server 2012 R2 (Server Core installation)
  • Microsoft Visual Studio 2019 version 16.9 (includes 16.0 - 16.8)
  • Windows 10 Version 20H2 for 32-bit Systems
  • Windows 7 for 32-bit Systems Service Pack 1
