KLA73222 Multiple vulnerabilities in Microsoft Products (ESU)

Multiple vulnerabilities were found in Microsoft Products (Extended Security Update). Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, bypass security restrictions, spoof user interface, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
2. A remote code execution vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to execute arbitrary code.
3. A denial of service vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to cause denial of service.
4. An elevation of privilege vulnerability in Kernel Streaming Service Driver can be exploited remotely to gain privileges.
5. A denial of service vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to cause denial of service.
6. An elevation of privilege vulnerability in Windows Installer can be exploited remotely to gain privileges.
7. A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
8. A spoofing vulnerability in Windows MSHTML Platform can be exploited remotely to spoof user interface.
9. A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
10. An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
11. An information disclosure vulnerability in Microsoft Windows Admin Center can be exploited remotely to obtain sensitive information.
12. An elevation of privilege vulnerability in Windows Kerberos can be exploited remotely to gain privileges.
13. A security feature bypass vulnerability in Windows Security Zone Mapping can be exploited remotely to bypass security restrictions.
14. An information disclosure vulnerability in Windows Kernel-Mode Driver can be exploited remotely to obtain sensitive information.
15. A spoofing vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to spoof user interface.
16. An information disclosure vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to obtain sensitive information.
17. A denial of service vulnerability in Windows Networking can be exploited remotely to cause denial of service.

Original advisories

CVE-2024-38250

CVE-2024-43454

CVE-2024-38260

CVE-2024-38247

CVE-2024-38230

CVE-2024-38245

CVE-2024-38231

CVE-2024-38014

CVE-2024-43487

CVE-2024-43461

CVE-2024-38236

CVE-2024-38240

CVE-2024-43475

CVE-2024-38239

CVE-2024-38263

CVE-2024-30073

CVE-2024-38256

CVE-2024-43455

CVE-2024-38217

CVE-2024-38249

CVE-2024-38258

CVE-2024-43467

CVE-2024-38234

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-Server-2008

CVE list

CVE-2024-38250 critical

CVE-2024-43454 high

CVE-2024-38260 critical

CVE-2024-38247 critical

CVE-2024-38230 high

CVE-2024-38245 critical

CVE-2024-38231 high

CVE-2024-38014 critical

CVE-2024-43487 high

CVE-2024-43461 critical

CVE-2024-38236 critical

CVE-2024-38240 critical

CVE-2024-43475 high

CVE-2024-38239 high

CVE-2024-38263 critical

CVE-2024-30073 critical

CVE-2024-38256 high

CVE-2024-43455 critical

CVE-2024-38217 high

CVE-2024-38249 critical

CVE-2024-38258 high

CVE-2024-43467 critical

CVE-2024-38234 high

KB list

5043125

5043087

5043129

5043135

5043092

5043049

5043138

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• SB

Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

• SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in user interface to beguile user into inaccurate behavior.

Affected Products

• Windows Server 2012 R2 (Server Core installation)Windows Server 2012 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)Windows Server 2008 R2 for x64-based Systems Service Pack 1Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)Windows Server 2012Windows Server 2008 for x64-based Systems Service Pack 2Windows Server 2008 for 32-bit Systems Service Pack 2