KLA60566 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, obtain sensitive information, bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A denial of service vulnerability in Windows TCP/IP can be exploited remotely to cause denial of service.
2. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
3. An information disclosure vulnerability in DHCP Server Service can be exploited remotely to obtain sensitive information.
4. An elevation of privilege vulnerability in Windows GDI can be exploited remotely to gain privileges.
5. An information disclosure vulnerability in Windows TCP/IP can be exploited remotely to obtain sensitive information.
6. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
7. A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
8. An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
9. An elevation of privilege vulnerability in Microsoft Streaming Service Proxy can be exploited remotely to gain privileges.
10. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
11. A security feature bypass vulnerability in Windows MSHTML Platform can be exploited remotely to bypass security restrictions.
12. A remote code execution vulnerability in Windows Miracast Wireless Display can be exploited remotely to execute arbitrary code.
13. A remote code execution vulnerability in Internet Connection Sharing (ICS) can be exploited remotely to execute arbitrary code.
14. A remote code execution vulnerability in Windows Themes can be exploited remotely to execute arbitrary code.
15. A heap buffer overflow vulnerability in WebP can be exploited to cause denial of service.

Original advisories

CVE-2023-38162

CVE-2023-35355

CVE-2023-38141

CVE-2023-36802

CVE-2023-36804

CVE-2023-38160

CVE-2023-38143

CVE-2023-38144

CVE-2023-38150

CVE-2023-38152

CVE-2023-38142

CVE-2023-38149

CVE-2023-36803

CVE-2023-36805

CVE-2023-38140

CVE-2023-38147

CVE-2023-36801

CVE-2023-38148

CVE-2023-38146

CVE-2023-38161

CVE-2023-38139

CVE-2023-4863

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-10

Microsoft-Windows-Server-2016

Microsoft-Windows-Server-2019

Microsoft-Windows-11

CVE list

CVE-2023-4863 critical

CVE-2023-38149 critical

CVE-2023-38141 critical

CVE-2023-36801 high

CVE-2023-36804 critical

CVE-2023-38160 high

CVE-2023-38143 critical

CVE-2023-38144 critical

CVE-2023-38152 high

CVE-2023-38161 critical

CVE-2023-38142 critical

CVE-2023-38139 critical

CVE-2023-38162 critical

CVE-2023-35355 critical

CVE-2023-36802 critical

CVE-2023-38150 critical

CVE-2023-36803 high

CVE-2023-36805 high

CVE-2023-38140 high

CVE-2023-38147 critical

CVE-2023-38148 critical

CVE-2023-38146 critical

KB list

5030214

5030325

5030213

5030211

5030217

5030219

5030216

5030220

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Windows Server 2019Windows 10 Version 21H2 for x64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 22H2 for ARM64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows Server 2012 R2Windows 10 Version 1607 for x64-based SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2016 (Server Core installation)Windows 10 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows Server 2019 (Server Core installation)Windows Server 2012 (Server Core installation)Windows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 21H2 for 32-bit SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows Server 2022 (Server Core installation)Windows 10 Version 22H2 for x64-based SystemsWindows Server 2022Windows 10 for 32-bit SystemsWindows Server 2012Windows 11 Version 22H2 for x64-based SystemsWindows Server 2016Windows 10 Version 1607 for 32-bit SystemsWebP Image Extension