Test Kennung:	1.3.6.1.4.1.25623.1.0.832735
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Windows Multiple Vulnerabilities (KB5033372)
Zusammenfassung:	This host is missing an important security; update according to Microsoft KB5033372
Beschreibung:	Summary: This host is missing an important security update according to Microsoft KB5033372 Vulnerability Insight: Multiple flaws exist due to: - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. - Internet Connection Sharing (ICS) Denial of Service Vulnerability. - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. For more information about the vulnerabilities refer to Reference links. Vulnerability Impact: Successful exploitation will allow an attacker to elevate privileges, execute arbitrary commands, disclose information, spoofing and conduct DoS attacks on an affected system. Affected Software/OS: - Microsoft Windows 10 Version 21H2 for 32-bit Systems - Microsoft Windows 10 Version 21H2 for x64-based Systems - Microsoft Windows 10 Version 22H2 for x64-based Systems - Microsoft Windows 10 Version 22H2 for 32-bit Systems Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-20588 Debian Security Information: DSA-5480 (Google Search) https://www.debian.org/security/2023/dsa-5480 Debian Security Information: DSA-5492 (Google Search) https://www.debian.org/security/2023/dsa-5492 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/ https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html http://www.openwall.com/lists/oss-security/2023/09/25/4 http://www.openwall.com/lists/oss-security/2023/09/25/7 http://www.openwall.com/lists/oss-security/2023/09/25/8 http://www.openwall.com/lists/oss-security/2023/09/25/3 http://www.openwall.com/lists/oss-security/2023/09/25/5 http://www.openwall.com/lists/oss-security/2023/09/26/5 http://www.openwall.com/lists/oss-security/2023/09/26/8 http://www.openwall.com/lists/oss-security/2023/09/26/9 http://www.openwall.com/lists/oss-security/2023/09/27/1 http://www.openwall.com/lists/oss-security/2023/10/03/12 http://www.openwall.com/lists/oss-security/2023/10/03/13 http://www.openwall.com/lists/oss-security/2023/10/03/14 http://www.openwall.com/lists/oss-security/2023/10/03/15 http://www.openwall.com/lists/oss-security/2023/10/03/9 http://www.openwall.com/lists/oss-security/2023/10/04/2 http://www.openwall.com/lists/oss-security/2023/10/03/16 http://www.openwall.com/lists/oss-security/2023/10/04/1 http://www.openwall.com/lists/oss-security/2023/10/04/3 http://www.openwall.com/lists/oss-security/2023/10/04/4 Common Vulnerability Exposure (CVE) ID: CVE-2023-35632 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35632 Common Vulnerability Exposure (CVE) ID: CVE-2023-35630 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35630 Common Vulnerability Exposure (CVE) ID: CVE-2023-35628 Windows MSHTML Platform Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35628 Common Vulnerability Exposure (CVE) ID: CVE-2023-35642 Internet Connection Sharing (ICS) Denial of Service Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35642 Common Vulnerability Exposure (CVE) ID: CVE-2023-35641 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35641 Common Vulnerability Exposure (CVE) ID: CVE-2023-35639 Microsoft ODBC Driver Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35639 Common Vulnerability Exposure (CVE) ID: CVE-2023-36006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36006 Common Vulnerability Exposure (CVE) ID: CVE-2023-36005 Windows Telephony Server Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36005 Common Vulnerability Exposure (CVE) ID: CVE-2023-36004 Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36004 Common Vulnerability Exposure (CVE) ID: CVE-2023-36003 XAML Diagnostics Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36003 Common Vulnerability Exposure (CVE) ID: CVE-2023-36011 Win32k Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36011 Common Vulnerability Exposure (CVE) ID: CVE-2023-21740 Windows Media Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21740 Common Vulnerability Exposure (CVE) ID: CVE-2023-35644 Windows Sysmain Service Elevation of Privilege https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35644 Common Vulnerability Exposure (CVE) ID: CVE-2023-36696 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36696
Copyright	Copyright (C) 2023 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.