KLA12142 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products (Extended Support Update). Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, gain privileges, bypass security restrictions, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Remote Procedure Call Runtime can be exploited remotely to execute arbitrary code.
2. An information disclosure vulnerability in Windows DNS can be exploited remotely to obtain sensitive information.
3. A remote code execution vulnerability in Windows GDI+ can be exploited remotely to execute arbitrary code.
4. A denial of service vulnerability in Windows TCP/IP Driver can be exploited remotely to cause denial of service.
5. A remote code execution vulnerability in Windows Media Video Decoder can be exploited remotely to execute arbitrary code.
6. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
7. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
8. An information disclosure vulnerability in Microsoft Windows Codecs Library can be exploited remotely to obtain sensitive information.
9. An information disclosure vulnerability in Windows Installer can be exploited remotely to obtain sensitive information.
10. A security feature bypass vulnerability in Windows WLAN AutoConfig Service can be exploited remotely to bypass security restrictions.
11. A remote code execution vulnerability in Microsoft Internet Messaging API can be exploited remotely to execute arbitrary code.
12. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
13. An elevation of privilege vulnerability in RPC Endpoint Mapper Service can be exploited remotely to gain privileges.
14. A remote code execution vulnerability in Windows Network File System can be exploited remotely to execute arbitrary code.
15. An information disclosure vulnerability in Windows GDI+ can be exploited remotely to obtain sensitive information.
16. An information disclosure vulnerability in Windows Portmapping can be exploited remotely to obtain sensitive information.
17. A denial of service vulnerability in Windows Console Driver can be exploited remotely to cause denial of service.
18. A spoofing vulnerability in Windows Installer can be exploited remotely to spoof user interface.

Original advisories

CVE-2021-28356

CVE-2021-28328

CVE-2021-28349

CVE-2021-28439

CVE-2021-28315

CVE-2021-27096

CVE-2021-28330

CVE-2021-28338

CVE-2021-28344

CVE-2021-28329

CVE-2021-28355

CVE-2021-28339

CVE-2021-28354

CVE-2021-28332

CVE-2021-28309

CVE-2021-27093

CVE-2021-28342

CVE-2021-28317

CVE-2021-28345

CVE-2021-27095

CVE-2021-28334

CVE-2021-28333

CVE-2021-28323

CVE-2021-28434

CVE-2021-28437

CVE-2021-28316

CVE-2021-28341

CVE-2021-27089

CVE-2021-28358

CVE-2021-28336

CVE-2021-28440

CVE-2021-28337

CVE-2021-27091

CVE-2021-28357

CVE-2021-28445

CVE-2021-28350

CVE-2021-28335

CVE-2021-28352

CVE-2021-28346

CVE-2021-28327

CVE-2021-28353

CVE-2021-28340

CVE-2021-28318

CVE-2021-28446

CVE-2021-26415

CVE-2021-28443

CVE-2021-28331

CVE-2021-28348

CVE-2021-26413

CVE-2021-28343

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

CVE list

CVE-2021-27096 critical

CVE-2021-28330 critical

CVE-2021-28338 critical

CVE-2021-28329 critical

CVE-2021-28332 critical

CVE-2021-28309 high

CVE-2021-28342 critical

CVE-2021-27095 critical

CVE-2021-28334 critical

CVE-2021-26413 high

CVE-2021-27089 critical

CVE-2021-28358 critical

CVE-2021-28336 critical

CVE-2021-28440 high

CVE-2021-27091 critical

CVE-2021-28350 critical

CVE-2021-28335 critical

CVE-2021-28352 critical

CVE-2021-28340 critical

CVE-2021-28318 high

CVE-2021-28446 high

CVE-2021-28331 critical

CVE-2021-28356 critical

CVE-2021-28328 high

CVE-2021-28349 critical

CVE-2021-28439 critical

CVE-2021-28315 critical

CVE-2021-28344 critical

CVE-2021-28355 critical

CVE-2021-28339 critical

CVE-2021-27093 high

CVE-2021-28317 high

CVE-2021-28345 critical

CVE-2021-28333 critical

CVE-2021-28323 high

CVE-2021-28434 critical

CVE-2021-28437 high

CVE-2021-28316 warning

CVE-2021-28341 critical

CVE-2021-28337 critical

CVE-2021-28357 critical

CVE-2021-28445 critical

CVE-2021-28346 critical

CVE-2021-28327 critical

CVE-2021-28353 critical

CVE-2021-26415 critical

CVE-2021-28443 high

CVE-2021-28348 critical

CVE-2021-28354 critical

CVE-2021-28343 critical

KB list

5001335

5001389

5001332

5001392

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

• SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

• Windows 10 Version 2004 for ARM64-based SystemsWindows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows 10 for 32-bit SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server, version 1909 (Server Core installation)Windows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 2004 for x64-based SystemsWindows 10 Version 1607 for x64-based SystemsWindows 7 for x64-based Systems Service Pack 1Windows 10 for x64-based SystemsWindows Server 2012 R2Windows 10 Version 1909 for 32-bit SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2019Windows 8.1 for x64-based systemsWindows 10 Version 1909 for x64-based SystemsWindows Server 2012 (Server Core installation)Windows Server 2016Windows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 10 Version 2004 for 32-bit SystemsWindows Server 2019 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows RT 8.1Windows 10 Version 1607 for 32-bit SystemsWindows Server, version 2004 (Server Core installation)Windows 8.1 for 32-bit systemsWindows 10 Version 20H2 for ARM64-based SystemsWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows 10 Version 1803 for x64-based SystemsWindows 10 Version 1803 for 32-bit SystemsWindows Server 2008 for 32-bit Systems Service Pack 2Windows Server, version 20H2 (Server Core Installation)Windows 10 Version 1809 for 32-bit SystemsWindows Server 2012Windows 10 Version 20H2 for x64-based SystemsWindows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 10 Version 20H2 for 32-bit SystemsWindows 7 for 32-bit Systems Service Pack 1