
KLA63958 Multiple vulnerabilities in Microsoft Windows

2024-02-13 00:00:00
Kaspersky Lab
threats.kaspersky.com

CVSS3: 8.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score: 9.8 (Confidence: High)

EPSS: 0.05 (Percentile: 93.0%)

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, obtain sensitive information, gain privileges, spoof the user interface, and bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Windows Kernel can be exploited remotely to execute arbitrary code.
  2. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
  3. A remote code execution vulnerability in Windows Pragmatic General Multicast (PGM) can be exploited remotely to execute arbitrary code.
  4. A denial of service vulnerability in Windows DNS Client can be exploited remotely to cause denial of service.
  5. A remote code execution vulnerability in Microsoft ActiveX Data Objects can be exploited remotely to execute arbitrary code.
  6. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  7. A DNSSEC verification vulnerability can be exploited remotely to cause denial of service.
  8. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  9. An elevation of privilege vulnerability in Trusted Compute Base can be exploited remotely to gain privileges.
  10. A denial of service vulnerability in Internet Connection Sharing (ICS) can be exploited remotely to cause denial of service.
  11. A remote code execution vulnerability in Windows USB Generic Parent Driver can be exploited remotely to execute arbitrary code.
  12. A remote code execution vulnerability in Microsoft WDAC ODBC Driver can be exploited remotely to execute arbitrary code.
  13. An elevation of privilege vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to gain privileges.
  14. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
  15. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  16. A spoofing vulnerability in Windows Printing Service can be exploited remotely to spoof user interface.
  17. A denial of service vulnerability in Windows Network Address Translation (NAT) can be exploited remotely to cause denial of service.
  18. An information disclosure vulnerability in Windows DNS can be exploited remotely to obtain sensitive information.
  19. A denial of service vulnerability in Windows Lightweight Directory Access Protocol (LDAP) can be exploited remotely to cause denial of service.
  20. A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
  21. A security feature bypass vulnerability in Windows Kernel can be exploited remotely to bypass security restrictions.
  22. A remote code execution vulnerability in Microsoft ODBC Driver can be exploited remotely to execute arbitrary code.
  23. A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
  24. A security feature bypass vulnerability in Windows SmartScreen can be exploited remotely to bypass security restrictions.
  25. A security feature bypass vulnerability in Internet Shortcut Files can be exploited remotely to bypass security restrictions.

Original advisories

CVE-2024-21341

CVE-2024-21365

CVE-2024-21342

CVE-2024-21359

CVE-2024-21368

CVE-2024-21367

CVE-2024-21349

CVE-2024-21340

CVE-2023-50387

CVE-2024-21338

CVE-2024-21304

CVE-2024-21348

CVE-2024-21339

CVE-2024-21360

CVE-2024-21370

CVE-2024-21353

CVE-2024-21405

CVE-2024-21355

CVE-2024-21420

CVE-2024-21358

CVE-2024-21361

CVE-2024-21369

CVE-2024-21346

CVE-2024-21406

CVE-2024-21350

CVE-2024-21345

CVE-2024-21344

CVE-2024-21371

CVE-2024-21377

CVE-2024-21354

CVE-2024-21356

CVE-2024-21391

CVE-2024-21372

CVE-2024-21343

CVE-2024-21352

CVE-2024-21375

CVE-2024-21362

CVE-2024-21347

CVE-2024-21366

CVE-2024-21363

CVE-2024-21351

CVE-2024-21412

CVE-2024-21357

CVE-2024-20684

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-10

Microsoft-Windows-Server-2016

Microsoft-Windows-Server-2019

Microsoft-Windows-11

CVE list

CVE-2024-21341 high

CVE-2024-21365 critical

CVE-2024-21357 critical

CVE-2024-21342 critical

CVE-2024-21359 critical

CVE-2024-21368 critical

CVE-2024-21367 critical

CVE-2024-21349 critical

CVE-2024-21340 warning

CVE-2023-50387 critical

CVE-2024-21338 critical

CVE-2024-21304 warning

CVE-2024-21348 critical

CVE-2024-21339 high

CVE-2024-21360 critical

CVE-2024-21370 critical

CVE-2024-21353 critical

CVE-2024-21405 high

CVE-2024-21355 high

CVE-2024-21420 critical

CVE-2024-21358 critical

CVE-2024-21361 critical

CVE-2024-20684 high

CVE-2024-21369 critical

CVE-2024-21346 critical

CVE-2024-21406 critical

CVE-2024-21350 critical

CVE-2024-21345 critical

CVE-2024-21344 high

CVE-2024-21371 high

CVE-2024-21377 high

CVE-2024-21354 critical

CVE-2024-21356 high

CVE-2024-21391 critical

CVE-2024-21372 critical

CVE-2024-21343 critical

CVE-2024-21352 critical

CVE-2024-21375 critical

CVE-2024-21362 high

CVE-2024-21347 critical

CVE-2024-21366 critical

CVE-2024-21363 critical

CVE-2024-21351 critical

CVE-2024-21412 critical

KB list

5034765

5034766

5034774

5034767

5034763

5034768

5034770

5034769

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to an attacker executing any code or commands on the vulnerable machine or process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to an attacker capturing information that is critical to the user or system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or a critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to the performance of actions restricted by the current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to an attacker performing actions that are normally disallowed for the current role.

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in the user interface that trick the user into incorrect behavior.

  • LoI

Loss of integrity. Exploitation of vulnerabilities with this impact can lead to a partial system fault or disruption of connections between system components.

Affected Products

  • Windows 10 Version 22H2 for ARM64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 11 Version 22H2 for ARM64-based Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows 11 Version 22H2 for x64-based Systems
  • Windows 11 version 21H2 for ARM64-based Systems
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows 11 version 21H2 for x64-based Systems
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 10 for 32-bit Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows 10 for x64-based Systems
  • Windows Server 2019 (Server Core installation)
  • Windows 10 Version 22H2 for 32-bit Systems
  • Windows Server 2016
  • Windows Server 2022
  • Windows 11 Version 23H2 for x64-based Systems
  • Windows 11 Version 23H2 for ARM64-based Systems
  • Windows Server 2016 (Server Core installation)
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows Server 2022 (Server Core installation)
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows Server 2019
  • Windows Server 2022, 23H2 Edition (Server Core installation)
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 10 Version 22H2 for x64-based Systems
