ID de Prueba:	1.3.6.1.4.1.25623.1.0.832734
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Windows Multiple Vulnerabilities (KB5033373)
Resumen:	This host is missing an important security; update according to Microsoft KB5033373
Descripción:	Summary: This host is missing an important security update according to Microsoft KB5033373 Vulnerability Insight: Multiple flaws exist due to: - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. - Windows MSHTML Platform Remote Code Execution Vulnerability. - Internet Connection Sharing (ICS) Denial of Service Vulnerability. For more information about the vulnerabilities refer to Reference links. Vulnerability Impact: Successful exploitation will allow an attacker to elevate privileges, execute arbitrary commands, disclose information, spoofing and conduct DoS attacks on an affected system. Affected Software/OS: - Microsoft Windows 10 Version 1607 for 32-bit Systems - Microsoft Windows 10 Version 1607 for x64-based Systems - Microsoft Windows Server 2016 Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-35622 Windows DNS Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35622 Common Vulnerability Exposure (CVE) ID: CVE-2023-20588 Debian Security Information: DSA-5480 (Google Search) https://www.debian.org/security/2023/dsa-5480 Debian Security Information: DSA-5492 (Google Search) https://www.debian.org/security/2023/dsa-5492 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/ https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html http://www.openwall.com/lists/oss-security/2023/09/25/4 http://www.openwall.com/lists/oss-security/2023/09/25/7 http://www.openwall.com/lists/oss-security/2023/09/25/8 http://www.openwall.com/lists/oss-security/2023/09/25/3 http://www.openwall.com/lists/oss-security/2023/09/25/5 http://www.openwall.com/lists/oss-security/2023/09/26/5 http://www.openwall.com/lists/oss-security/2023/09/26/8 http://www.openwall.com/lists/oss-security/2023/09/26/9 http://www.openwall.com/lists/oss-security/2023/09/27/1 http://www.openwall.com/lists/oss-security/2023/10/03/12 http://www.openwall.com/lists/oss-security/2023/10/03/13 http://www.openwall.com/lists/oss-security/2023/10/03/14 http://www.openwall.com/lists/oss-security/2023/10/03/15 http://www.openwall.com/lists/oss-security/2023/10/03/9 http://www.openwall.com/lists/oss-security/2023/10/04/2 http://www.openwall.com/lists/oss-security/2023/10/03/16 http://www.openwall.com/lists/oss-security/2023/10/04/1 http://www.openwall.com/lists/oss-security/2023/10/04/3 http://www.openwall.com/lists/oss-security/2023/10/04/4 Common Vulnerability Exposure (CVE) ID: CVE-2023-35632 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35632 Common Vulnerability Exposure (CVE) ID: CVE-2023-35630 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35630 Common Vulnerability Exposure (CVE) ID: CVE-2023-35628 Windows MSHTML Platform Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35628 Common Vulnerability Exposure (CVE) ID: CVE-2023-35643 DHCP Server Service Information Disclosure Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35643 Common Vulnerability Exposure (CVE) ID: CVE-2023-35642 Internet Connection Sharing (ICS) Denial of Service Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35642 Common Vulnerability Exposure (CVE) ID: CVE-2023-35641 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35641 Common Vulnerability Exposure (CVE) ID: CVE-2023-35639 Microsoft ODBC Driver Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35639 Common Vulnerability Exposure (CVE) ID: CVE-2023-35638 DHCP Server Service Denial of Service Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35638 Common Vulnerability Exposure (CVE) ID: CVE-2023-36006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36006 Common Vulnerability Exposure (CVE) ID: CVE-2023-36005 Windows Telephony Server Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36005 Common Vulnerability Exposure (CVE) ID: CVE-2023-36004 Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36004 Common Vulnerability Exposure (CVE) ID: CVE-2023-36003 XAML Diagnostics Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36003 Common Vulnerability Exposure (CVE) ID: CVE-2023-36011 Win32k Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36011 Common Vulnerability Exposure (CVE) ID: CVE-2023-21740 Windows Media Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21740 Common Vulnerability Exposure (CVE) ID: CVE-2023-36012 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36012
Copyright	Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.