KLA60563 Multiple vulnerabilities in Microsoft Products (ESU)

Date: 2023-09-12 00:00:00
Source: Kaspersky Lab (threats.kaspersky.com)
Tags: microsoft products, esu, windows server, vulnerabilities, denial of service, privilege escalation, sensitive information, malware, update, kb list

CVSS3: 7.8 High

  • Attack Vector: LOCAL
  • Attack Complexity: LOW
  • Privileges Required: LOW
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score: 8.1 High (Confidence: High)

EPSS: 0.005 Low (Percentile: 77.6%)

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, obtain sensitive information, and bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. A denial of service vulnerability in Windows TCP/IP can be exploited remotely to cause denial of service.
  2. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  3. An information disclosure vulnerability in DHCP Server Service can be exploited remotely to obtain sensitive information.
  4. An elevation of privilege vulnerability in Windows GDI can be exploited remotely to gain privileges.
  5. An information disclosure vulnerability in Windows TCP/IP can be exploited remotely to obtain sensitive information.
  6. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
  7. A security feature bypass vulnerability in Windows MSHTML Platform can be exploited remotely to bypass security restrictions.
  8. A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.

Original advisories

CVE-2023-38149

CVE-2023-38141

CVE-2023-36801

CVE-2023-36804

CVE-2023-38160

CVE-2023-38143

CVE-2023-38144

CVE-2023-38152

CVE-2023-38161

CVE-2023-38142

CVE-2023-38139

CVE-2023-36805

CVE-2023-38162

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-Server-2008

CVE list

CVE-2023-38149 critical

CVE-2023-38141 critical

CVE-2023-36801 high

CVE-2023-36804 critical

CVE-2023-38160 high

CVE-2023-38143 critical

CVE-2023-38144 critical

CVE-2023-38152 high

CVE-2023-38161 critical

CVE-2023-38142 critical

CVE-2023-38139 critical

CVE-2023-38162 critical

CVE-2023-36805 high

KB list

5030261

5030271

5030286

5030265

5030287

5030209

5030269

5030279

5030278

Solution

Install the necessary updates from the KB list that are offered in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to an attacker capturing information that is critical to the user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or a critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to actions being performed that are restricted by the current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to an attacker performing actions that are normally disallowed for the current role.

Affected Products

  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012
  • Windows Server 2012 R2 (Server Core installation)
  • Windows Server 2012 R2
