ID de Prueba:	1.3.6.1.4.1.25623.1.0.817782
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Multiple Vulnerabilities (KB5014748)
Resumen:	This host is missing an important security; update according to Microsoft KB5014748
Descripción:	Summary: This host is missing an important security update according to Microsoft KB5014748 Vulnerability Insight: Multiple flaws exist due to: - An elevation of privilege vulnerability in Local Security Authority Subsystem Service. - A Remote Code Execution Vulnerability in Windows Hyper-V. - A Denial of Service Vulnerability in Windows Kernel. The flaw in the Microsoft Windows Support Diagnostic Tool (MSDT) and tracked via CVE-2022-30190 is dubbed 'Follina'. Please see the references for more information about the vulnerabilities. Vulnerability Impact: Successful exploitation will allow an attacker to elevate privileges, execute arbitrary commands, disclose information and conduct DoS attacks. Affected Software/OS: - Microsoft Windows 7 for 32-bit Systems Service Pack 1 - Microsoft Windows 7 for x64-based Systems Service Pack 1 - Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2022-21123 Debian Security Information: DSA-5173 (Google Search) https://www.debian.org/security/2022/dsa-5173 Debian Security Information: DSA-5178 (Google Search) https://www.debian.org/security/2022/dsa-5178 Debian Security Information: DSA-5184 (Google Search) https://www.debian.org/security/2022/dsa-5184 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/ https://security.gentoo.org/glsa/202208-23 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html http://www.openwall.com/lists/oss-security/2022/06/16/1 Common Vulnerability Exposure (CVE) ID: CVE-2022-21125 Common Vulnerability Exposure (CVE) ID: CVE-2022-21127 Common Vulnerability Exposure (CVE) ID: CVE-2022-21166 Common Vulnerability Exposure (CVE) ID: CVE-2022-30135 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30135 Common Vulnerability Exposure (CVE) ID: CVE-2022-30140 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30140 Common Vulnerability Exposure (CVE) ID: CVE-2022-30141 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30141 Common Vulnerability Exposure (CVE) ID: CVE-2022-30142 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30142 Common Vulnerability Exposure (CVE) ID: CVE-2022-30143 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30143 Common Vulnerability Exposure (CVE) ID: CVE-2022-30146 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30146 Common Vulnerability Exposure (CVE) ID: CVE-2022-30147 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30147 Common Vulnerability Exposure (CVE) ID: CVE-2022-30149 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30149 Common Vulnerability Exposure (CVE) ID: CVE-2022-30151 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30151 Common Vulnerability Exposure (CVE) ID: CVE-2022-30152 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30152 Common Vulnerability Exposure (CVE) ID: CVE-2022-30153 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30153 Common Vulnerability Exposure (CVE) ID: CVE-2022-30155 http://packetstormsecurity.com/files/167755/Windows-Kernel-nt-MiRelocateImage-Invalid-Read.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30155 Common Vulnerability Exposure (CVE) ID: CVE-2022-30160 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30160 Common Vulnerability Exposure (CVE) ID: CVE-2022-30161 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30161 Common Vulnerability Exposure (CVE) ID: CVE-2022-30163 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30163 Common Vulnerability Exposure (CVE) ID: CVE-2022-30166 http://packetstormsecurity.com/files/167754/Windows-LSA-Service-LsapGetClientInfo-Impersonation-Level-Check-Privilege-Escalation.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30166 Common Vulnerability Exposure (CVE) ID: CVE-2022-30190 http://packetstormsecurity.com/files/167438/Microsoft-Office-Word-MSDTJS-Code-Execution.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30190
Copyright	Copyright (C) 2022 Greenbone Networks GmbH

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.