History: Aug 13, 2019 - 12:00 a.m.

KLA11534 Multiple vulnerabilities in Microsoft Windows

2019-08-13 00:00:00
Kaspersky Lab
threats.kaspersky.com

CVSS2: 10 High

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: COMPLETE
  • Integrity Impact: COMPLETE
  • Availability Impact: COMPLETE
  • Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS3: 9.8 High

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: NONE
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.9 High (Confidence: High)

EPSS: 0.902 High (Percentile: 98.8%)

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, gain privileges, cause denial of service, spoof the user interface, and bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Windows Graphics Component can be exploited remotely via a specially crafted document to obtain sensitive information.
  2. A remote code execution vulnerability in Hyper-V can be exploited remotely via a specially crafted application to execute arbitrary code.
  3. An elevation of privilege vulnerability in Windows can be exploited remotely via a specially crafted application to gain privileges.
  4. An elevation of privilege vulnerability in Windows Image can be exploited remotely via a specially crafted application to gain privileges.
  5. A denial of service vulnerability in Windows Hyper-V can be exploited remotely via a specially crafted application to cause denial of service.
  6. An information disclosure vulnerability in Windows Kernel can be exploited remotely via a specially crafted application to obtain sensitive information.
  7. A denial of service vulnerability in Windows can be exploited remotely via a specially crafted application to cause denial of service.
  8. An elevation of privilege vulnerability in DirectX can be exploited remotely via a specially crafted application to gain privileges.
  9. A remote code execution vulnerability in Microsoft Graphics can be exploited remotely via specially crafted embedded to execute arbitrary code.
  10. Microsoft is aware of the Bluetooth BR/EDR key negotiation vulnerability that exists at the hardware specification level of any BR/EDR Bluetooth device. To address the vulnerability, Microsoft has released an update that enforces a default minimum key length to ensure that the key negotiation does not trivialize the encryption.
  11. A denial of service vulnerability in HTTP/2 Server can be exploited remotely via specially crafted to cause denial of service.
  12. A remote code execution vulnerability in Remote Desktop Services can be exploited remotely via specially crafted requests to execute arbitrary code.
  13. An information disclosure vulnerability in Microsoft Graphics Component can be exploited remotely via a specially crafted application to obtain sensitive information.
  14. A remote code execution vulnerability in Jet Database Engine can be exploited remotely via a specially crafted file to execute arbitrary code.
  15. An information disclosure vulnerability in SymCrypt can be exploited remotely via a specially crafted application to obtain sensitive information.
  16. A denial of service vulnerability in XmlLite Runtime can be exploited remotely via specially crafted requests to cause denial of service.
  17. A security feature bypass vulnerability in Windows File Signature can be exploited remotely to bypass security restrictions.
  18. An information disclosure vulnerability in Windows can be exploited remotely via a specially crafted website to obtain sensitive information.
  19. An elevation of privilege vulnerability in Windows Subsystem for Linux can be exploited remotely via a specially crafted application to gain privileges.
  20. A denial of service vulnerability in Windows DHCP Server can be exploited remotely via specially crafted packets to cause denial of service.
  21. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely via a specially crafted application to gain privileges.
  22. A remote code execution vulnerability in LNK can be exploited remotely to execute arbitrary code.
  23. An elevation of privilege vulnerability in Windows ALPC can be exploited remotely via a specially crafted application to gain privileges.
  24. A denial of service vulnerability in Windows Remote Desktop Protocol (RDP) can be exploited remotely via specially crafted requests to cause denial of service.
  25. An elevation of privilege vulnerability in Microsoft Windows can be exploited remotely via a specially crafted application to gain privileges.
  26. A remote code execution vulnerability in Windows VBScript Engine can be exploited remotely.
  27. An information disclosure vulnerability in Remote Desktop Protocol Server can be exploited remotely via a specially crafted application to obtain sensitive information.
  28. A remote code execution vulnerability in MS XML can be exploited remotely via a specially crafted website to execute arbitrary code.
  29. A remote code execution vulnerability in Windows DHCP Client can be exploited remotely via specially crafted to execute arbitrary code.
  30. An elevation of privilege vulnerability in Microsoft Windows p2pimsvc can be exploited remotely via a specially crafted application to gain privileges.
  31. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely via a specially crafted application to execute arbitrary code.
  32. An elevation of privilege vulnerability in Windows NTFS can be exploited remotely via a specially crafted application to gain privileges.

Original advisories

CVE-2019-1143

CVE-2019-0720

CVE-2019-1179

CVE-2019-1175

CVE-2019-1190

CVE-2019-0715

CVE-2019-1174

CVE-2019-1227

CVE-2019-0716

CVE-2019-1176

CVE-2019-1144

CVE-2019-9506

CVE-2019-9513

CVE-2019-1226

CVE-2019-1177

CVE-2019-1186

CVE-2019-9511

CVE-2019-1153

CVE-2019-1147

CVE-2019-1078

CVE-2019-1171

CVE-2019-0714

CVE-2019-1145

CVE-2019-9514

CVE-2019-1187

CVE-2019-1151

CVE-2019-9512

CVE-2019-1146

CVE-2019-1148

CVE-2019-1178

CVE-2019-1180

CVE-2019-1181

CVE-2019-1157

CVE-2019-1163

CVE-2019-0718

CVE-2019-1172

CVE-2019-1155

CVE-2019-0723

CVE-2019-1185

CVE-2019-1149

CVE-2019-1206

CVE-2019-1159

CVE-2019-1188

CVE-2019-1173

CVE-2019-1162

CVE-2019-1150

CVE-2019-1164

CVE-2019-9518

CVE-2019-1222

CVE-2019-1223

CVE-2019-1152

CVE-2019-1198

CVE-2019-1158

CVE-2019-1156

CVE-2019-1225

CVE-2019-1182

CVE-2019-1057

CVE-2019-1224

CVE-2019-0736

CVE-2019-1168

CVE-2019-0965

CVE-2019-0717

CVE-2019-1184

CVE-2019-1183

CVE-2019-1212

CVE-2019-1170

ADV190023

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Microsoft-Office

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Windows-RT

Microsoft-Windows-10

CVE list

CVE-2019-1143 high

CVE-2019-0720 critical

CVE-2019-1179 critical

CVE-2019-1175 critical

CVE-2019-1190 critical

CVE-2019-0715 high

CVE-2019-1174 critical

CVE-2019-1227 high

CVE-2019-0716 warning

CVE-2019-1176 critical

CVE-2019-1144 critical

CVE-2019-9506 critical

CVE-2019-9513 critical

CVE-2019-1226 critical

CVE-2019-1177 critical

CVE-2019-1186 critical

CVE-2019-9511 critical

CVE-2019-1153 high

CVE-2019-1147 critical

CVE-2019-1078 high

CVE-2019-1171 high

CVE-2019-0714 high

CVE-2019-1145 critical

CVE-2019-9514 critical

CVE-2019-1170 critical

CVE-2019-1187 critical

CVE-2019-1151 critical

CVE-2019-9512 critical

CVE-2019-1146 critical

CVE-2019-1148 high

CVE-2019-1178 critical

CVE-2019-1180 critical

CVE-2019-1181 critical

CVE-2019-1157 critical

CVE-2019-1163 high

CVE-2019-0718 high

CVE-2019-1172 warning

CVE-2019-1155 critical

CVE-2019-0723 high

CVE-2019-1185 critical

CVE-2019-1149 critical

CVE-2019-1206 critical

CVE-2019-1159 critical

CVE-2019-1188 critical

CVE-2019-1173 critical

CVE-2019-1212 critical

CVE-2019-1162 critical

CVE-2019-1150 critical

CVE-2019-1164 critical

CVE-2019-9518 critical

CVE-2019-1222 critical

CVE-2019-1223 critical

CVE-2019-1152 critical

CVE-2019-1198 high

CVE-2019-1158 high

CVE-2019-1183 critical

CVE-2019-1156 critical

CVE-2019-1225 critical

CVE-2019-1182 critical

CVE-2019-1057 critical

CVE-2019-1224 critical

CVE-2019-0736 critical

CVE-2019-1168 critical

CVE-2019-0965 critical

CVE-2019-0717 high

CVE-2019-1184 critical

KB list

4512516

4511553

4512501

4512497

4512517

4512488

4512508

4512507

4512489

4540673

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • ACE: Arbitrary code execution. Exploitation of vulnerabilities with this impact can allow an abuser to execute any code or commands on the vulnerable machine or process.

  • OSI: Obtain sensitive information. Exploitation of vulnerabilities with this impact can allow an abuser to capture information that is critical for the user or system.

  • DoS: Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or a critical functional fault.

  • SB: Security bypass. Exploitation of vulnerabilities with this impact can allow actions to be performed that are restricted by the current security settings.

  • PE: Privilege escalation. Exploitation of vulnerabilities with this impact can allow an abuser to perform actions that are normally disallowed for the current role.

  • SUI: Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in the user interface that beguile the user into inaccurate behavior.

Affected Products

  • Windows 10 Version 1903 for 32-bit Systems
  • Windows RT 8.1
  • Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1
  • Windows Server 2019
  • Windows 10 Version 1803 for ARM64-based Systems
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows Server 2012 R2 (Server Core installation)
  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
  • Windows 10 Version 1607 for x64-based Systems
  • Windows 10 Version 1803 for 32-bit Systems
  • Windows Server 2012 (Server Core installation)
  • Windows 10 for x64-based Systems
  • Windows Server, version 1903 (Server Core installation)
  • Windows 10 Version 1709 for ARM64-based Systems
  • Windows 8.1 for x64-based systems
  • Windows Server 2012 R2
  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
  • Windows 10 Version 1903 for ARM64-based Systems
  • Windows 10 for 32-bit Systems
  • Windows Server 2008 for x64-based Systems Service Pack 2
  • Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
  • Windows 10 Version 1703 for x64-based Systems
  • Windows 10 Version 1703 for 32-bit Systems
  • Windows Server 2008 for Itanium-Based Systems Service Pack 2
  • Windows 10 Version 1803 for x64-based Systems
  • Windows 8.1 for 32-bit systems
  • Windows Server 2016
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows Server 2012
  • Windows 10 Version 1903 for x64-based Systems
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1
  • Windows 10 Version 1709 for 32-bit Systems
  • Windows Server 2008 for 32-bit Systems Service Pack 2
  • Windows 7 for x64-based Systems Service Pack 1
  • Microsoft Office 2019 for Mac
  • Microsoft Office 2010 Service Pack 2 (64-bit editions)
  • Microsoft Office 2019 for 32-bit editions
  • Office 365 ProPlus for 32-bit Systems
  • Microsoft Office 2019 for 64-bit editions
  • Office 365 ProPlus for 64-bit Systems
  • Microsoft Office 2016 (64-bit edition)
  • Microsoft Office 2016 (32-bit edition)
  • Microsoft Office 2013 RT Service Pack 1
  • Microsoft Office 2010 Service Pack 2 (32-bit editions)
  • Microsoft Office 2013 Service Pack 1 (64-bit editions)
  • Microsoft Office 2013 Service Pack 1 (32-bit editions)
  • Windows Server, version 1909 (Server Core installation)
  • Windows 10 Version 1909 for ARM64-based Systems
  • Windows 10 Version 1709 for x64-based Systems
  • Windows 10 Version 1909 for x64-based Systems
  • Windows 10 Version 1909 for 32-bit Systems
  • Windows Server, version 1709 (Server Core Installation)
  • Windows Server 2016 (Server Core installation)
  • Windows Server, version 1803 (Server Core Installation)
  • Windows Server 2019 (Server Core installation)
