KLA12457 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Print Spooler can be exploited remotely to gain privileges.
2. An information disclosure vulnerability in Windows Common Log File System Driver can be exploited remotely to obtain sensitive information.
3. A remote code execution vulnerability in HEVC Video Extensions can be exploited remotely to execute arbitrary code.
4. An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
5. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
6. An elevation of privilege vulnerability in Named Pipe File System can be exploited remotely to gain privileges.
7. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
8. A denial of service vulnerability in Windows Common Log File System Driver can be exploited remotely to cause denial of service.
9. An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
10. A remote code execution vulnerability in Roaming Security Rights Management Services can be exploited remotely to execute arbitrary code.
11. A denial of service vulnerability in Windows User Account Profile Picture can be exploited remotely to cause denial of service.
12. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
13. A remote code execution vulnerability in Windows Mobile Device Management can be exploited remotely to execute arbitrary code.
14. An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to obtain sensitive information.
15. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
16. A remote code execution vulnerability in Windows Runtime can be exploited remotely to execute arbitrary code.
17. A remote code execution vulnerability in Windows DNS Server can be exploited remotely to execute arbitrary code.
18. An information disclosure vulnerability in Windows Services for NFS ONCRPC XDR Driver can be exploited remotely to obtain sensitive information.
19. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
20. A remote code execution vulnerability in VP9 Video Extensions can be exploited remotely to execute arbitrary code.

Original advisories

CVE-2022-22717

CVE-2022-21998

CVE-2022-22718

CVE-2022-21926

CVE-2022-22001

CVE-2022-21981

CVE-2022-22715

CVE-2022-21995

CVE-2022-22710

CVE-2022-21994

CVE-2022-21927

CVE-2022-22002

CVE-2022-21997

CVE-2022-21996

CVE-2022-21992

CVE-2022-21985

CVE-2022-22712

CVE-2022-21971

CVE-2022-21844

CVE-2022-21984

CVE-2022-21999

CVE-2022-21993

CVE-2022-21989

CVE-2022-22709

CVE-2022-22000

CVE-2022-21974

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

Microsoft-Azure

Microsoft-Windows-Server-2016

Microsoft-Windows-Server-2019

CVE list

CVE-2022-22717 high

CVE-2022-21998 high

CVE-2022-22718 critical

CVE-2022-21926 critical

CVE-2022-22001 critical

CVE-2022-21981 critical

CVE-2022-22715 critical

CVE-2022-21995 critical

CVE-2022-22710 high

CVE-2022-21994 critical

CVE-2022-21974 critical

CVE-2022-21927 critical

CVE-2022-22002 high

CVE-2022-21997 high

CVE-2022-21996 critical

CVE-2022-21992 critical

CVE-2022-21985 high

CVE-2022-22712 high

CVE-2022-21971 critical

CVE-2022-21844 critical

CVE-2022-21984 critical

CVE-2022-21999 critical

CVE-2022-21993 critical

CVE-2022-21989 critical

CVE-2022-22709 critical

CVE-2022-22000 critical

KB list

5010419

5010395

5010358

5010359

5010392

5010412

5010351

5010342

5010345

5010354

5010386

5010456

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Windows 10 Version 21H1 for x64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows 11 for ARM64-based SystemsWindows Server 2019 (Server Core installation)Windows Server 2016 (Server Core installation)Windows 10 Version 21H2 for ARM64-based SystemsWindows Server 2016Windows 10 for 32-bit SystemsWindows 8.1 for x64-based systemsWindows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2012Windows Server, version 20H2 (Server Core Installation)Windows Server 2022 (Server Core installation)Windows 10 Version 20H2 for x64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows 10 Version 1809 for 32-bit SystemsWindows 10 Version 21H1 for 32-bit SystemsWindows 10 Version 1909 for 32-bit SystemsWindows Server 2019Windows RT 8.1Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2012 R2Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows 10 Version 1607 for x64-based SystemsWindows 10 for x64-based SystemsWindows Server 2012 (Server Core installation)Windows 10 Version 21H2 for 32-bit SystemsWindows 10 Version 21H1 for ARM64-based SystemsWindows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2022Windows 10 Version 20H2 for ARM64-based SystemsWindows 8.1 for 32-bit systemsWindows 10 Version 20H2 for 32-bit SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1909 for x64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 7 for x64-based Systems Service Pack 1Windows Server 2022 Azure Edition Core HotpatchWindows 7 for 32-bit Systems Service Pack 1Windows 10 Version 1809 for ARM64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows 11 for x64-based Systems