Kaspersky LabKLA49156KLA49156 Multiple vulnerabilities in Microsoft Products (ESU)
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.186 Low
EPSS
Percentile
96.3%
Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, gain privileges, cause denial of service, execute arbitrary code.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Windows iSCSI Target Service can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows MSHTML Platform can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Backup Service can be exploited remotely to gain privileges.
- An information disclosure vulnerability in Windows NTLM Security Support Provider can be exploited remotely to obtain sensitive information.
- A security feature bypass vulnerability in Windows Driver Revocation List can be exploited remotely to bypass security restrictions.
- A denial of service vulnerability in Remote Procedure Call Runtime can be exploited remotely to cause denial of service.
- A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Windows Secure Socket Tunneling Protocol (SSTP) can be exploited remotely to execute arbitrary code.
- A denial of service vulnerability in Windows Pragmatic General Multicast (PGM) can be exploited remotely to cause denial of service.
- A security feature bypass vulnerability in Secure Boot can be exploited remotely to bypass security restrictions.
- An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Windows Pragmatic General Multicast (PGM) can be exploited remotely to execute arbitrary code.
Original advisories
Exploitation
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
CVE-2023-29324 high
CVE-2023-24946 critical
CVE-2023-24900 high
CVE-2023-29325 critical
CVE-2023-24932 high
CVE-2023-24943 critical
CVE-2023-24945 high
CVE-2023-24942 critical
CVE-2023-28251 high
CVE-2023-28283 critical
CVE-2023-24940 critical
CVE-2023-24903 critical
CVE-2023-29336 critical
CVE-2023-24904 high
KB list
Solution
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Impacts
- ACE
Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.
- OSI
Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.
- DoS
Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.
- SB
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
- PE
Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.
Affected Products
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2Windows Server 2008 R2 for x64-based Systems Service Pack 1
References
support.microsoft.com/kb/5026366
support.microsoft.com/kb/5026408
support.microsoft.com/kb/5026413
support.microsoft.com/kb/5026426
support.microsoft.com/kb/5026427
support.microsoft.com/kb/5028222
support.microsoft.com/kb/5028226
support.microsoft.com/kb/5028240
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24900
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24903
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24904
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24932
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24940
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24942
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24943
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24945
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24946
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28251
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28283
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29324
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29325
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29336
statistics.securelist.com/
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2008/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.6 High
AI Score
Confidence
High
0.186 Low
EPSS
Percentile
96.3%