Kaspersky LabKLA48845KLA48845 Multiple vulnerabilities in Microsoft Windows
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.96 High
EPSS
Percentile
99.0%
Detect date:
04/11/2023
Severity:
Critical
Description:
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service, gain privileges, bypass security restrictions, spoof user interface.
Exploitation:
Public exploits exist for this vulnerability.
Affected products:
Windows 10 Version 22H2 for 32-bit Systems
Windows 10 for x64-based Systems
Windows Server 2016 (Server Core installation)
Windows 10 Version 21H2 for 32-bit Systems
Windows 10 Version 1809 for 32-bit Systems
Windows Server 2012
Windows 10 Version 1607 for x64-based Systems
Windows 10 Version 22H2 for x64-based Systems
Windows Server 2012 R2
Windows 11 Version 22H2 for x64-based Systems
Windows Server 2012 (Server Core installation)
Windows 10 Version 1809 for x64-based Systems
Windows Server 2022 (Server Core installation)
Windows 11 version 21H2 for x64-based Systems
Windows Server 2022
Windows 10 Version 20H2 for x64-based Systems
Windows 10 Version 21H2 for ARM64-based Systems
Windows 10 for 32-bit Systems
Windows Server 2016
Windows Server 2019
Windows 10 Version 21H2 for x64-based Systems
Windows 10 Version 20H2 for 32-bit Systems
Windows 10 Version 20H2 for ARM64-based Systems
Windows 10 Version 1607 for 32-bit Systems
Windows 11 Version 22H2 for ARM64-based Systems
Windows 10 Version 1809 for ARM64-based Systems
Windows Server 2012 R2 (Server Core installation)
Raw Image Extension
Windows 10 Version 22H2 for ARM64-based Systems
Windows 11 version 21H2 for ARM64-based Systems
Windows Server 2019 (Server Core installation)
Remote Desktop client for Windows Desktop
Solution:
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories:
CVE-2023-28267
CVE-2023-24887
CVE-2023-24883
CVE-2023-28233
CVE-2023-28243
CVE-2023-28244
CVE-2023-28308
CVE-2023-28274
CVE-2023-28221
CVE-2023-28218
CVE-2023-28229
CVE-2023-28249
CVE-2023-28266
CVE-2023-28293
CVE-2023-28231
CVE-2023-24886
CVE-2023-24929
CVE-2023-28237
CVE-2023-28219
CVE-2023-28225
CVE-2023-28275
CVE-2023-28248
CVE-2023-24912
CVE-2023-28236
CVE-2023-28255
CVE-2023-28217
CVE-2023-28216
CVE-2023-24928
CVE-2023-28302
CVE-2023-28227
CVE-2023-28276
CVE-2023-21727
CVE-2023-28307
CVE-2023-28234
CVE-2023-24925
CVE-2023-28223
CVE-2023-28246
CVE-2023-24914
CVE-2023-21729
CVE-2023-21769
CVE-2023-28272
CVE-2023-28306
CVE-2023-28298
CVE-2023-28273
CVE-2023-28269
CVE-2023-28228
CVE-2023-28240
CVE-2023-28238
CVE-2023-28250
CVE-2023-28252
CVE-2023-24931
CVE-2023-28277
CVE-2023-28226
CVE-2023-28232
CVE-2023-28291
CVE-2023-21554
CVE-2023-28271
CVE-2023-28253
CVE-2023-28254
CVE-2023-28268
CVE-2023-28270
CVE-2023-24924
CVE-2023-28305
CVE-2023-28241
CVE-2023-28256
CVE-2023-28235
CVE-2023-28278
CVE-2023-28224
CVE-2023-28222
CVE-2023-24885
CVE-2023-28292
CVE-2023-24927
CVE-2023-24884
CVE-2023-28220
CVE-2023-28297
CVE-2023-28247
CVE-2023-24926
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2023-282727.8Critical
CVE-2023-283066.6High
CVE-2023-282985.5High
CVE-2023-282676.5High
CVE-2023-282285.5High
CVE-2023-282408.8Critical
CVE-2023-282387.5Critical
CVE-2023-282509.8Critical
CVE-2023-283086.6High
CVE-2023-282448.1Critical
CVE-2023-282527.8Critical
CVE-2023-282187.0High
CVE-2023-249317.5Critical
CVE-2023-282297.0High
CVE-2023-282937.8Critical
CVE-2023-282318.8Critical
CVE-2023-282327.5Critical
CVE-2023-282198.1Critical
CVE-2023-282758.8Critical
CVE-2023-215549.8Critical
CVE-2023-282715.5High
CVE-2023-249127.8Critical
CVE-2023-282547.2High
CVE-2023-282535.5High
CVE-2023-282688.1Critical
CVE-2023-282556.6High
CVE-2023-283056.6High
CVE-2023-282417.5Critical
CVE-2023-282177.5Critical
CVE-2023-282167.0High
CVE-2023-283027.5Critical
CVE-2023-282277.5Critical
CVE-2023-282566.6High
CVE-2023-282786.6High
CVE-2023-282764.4Warning
CVE-2023-217278.8Critical
CVE-2023-282227.1High
CVE-2023-283076.6High
CVE-2023-282208.1Critical
CVE-2023-282236.6High
CVE-2023-282665.5High
CVE-2023-217295.3High
CVE-2023-217697.5Critical
CVE-2023-248878.8Critical
CVE-2023-248836.5High
CVE-2023-282337.5Critical
CVE-2023-282438.8Critical
CVE-2023-282747.8Critical
CVE-2023-282217.0High
CVE-2023-282496.8High
CVE-2023-248868.8Critical
CVE-2023-249298.8Critical
CVE-2023-282377.8Critical
CVE-2023-282257.8Critical
CVE-2023-282487.8Critical
CVE-2023-282367.8Critical
CVE-2023-249288.8Critical
CVE-2023-282347.5Critical
CVE-2023-249258.8Critical
CVE-2023-282467.8Critical
CVE-2023-249147.0High
CVE-2023-282737.0High
CVE-2023-282696.8High
CVE-2023-282774.9Warning
CVE-2023-282265.3High
CVE-2023-282917.8Critical
CVE-2023-282706.8High
CVE-2023-249248.8Critical
CVE-2023-282356.8High
CVE-2023-282247.1High
CVE-2023-248858.8Critical
CVE-2023-282927.8Critical
CVE-2023-249278.8Critical
CVE-2023-248848.8Critical
CVE-2023-282978.8Critical
CVE-2023-282477.5Critical
CVE-2023-249268.8Critical
KB list:
5022348
5022287
5022291
5022286
5022297
5022352
5022303
5022343
5022346
5022289
5022282
5025224
5025230
5025229
5025239
5025221
5025228
5025288
5025272
5025285
5025287
5025234
Microsoft official advisories:
References
support.microsoft.com/kb/5022282
support.microsoft.com/kb/5022286
support.microsoft.com/kb/5022287
support.microsoft.com/kb/5022289
support.microsoft.com/kb/5022291
support.microsoft.com/kb/5022297
support.microsoft.com/kb/5022303
support.microsoft.com/kb/5022343
support.microsoft.com/kb/5022346
support.microsoft.com/kb/5022348
support.microsoft.com/kb/5022352
support.microsoft.com/kb/5025221
support.microsoft.com/kb/5025224
support.microsoft.com/kb/5025228
support.microsoft.com/kb/5025229
support.microsoft.com/kb/5025230
support.microsoft.com/kb/5025234
support.microsoft.com/kb/5025239
support.microsoft.com/kb/5025272
support.microsoft.com/kb/5025285
support.microsoft.com/kb/5025287
support.microsoft.com/kb/5025288
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21554
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21727
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21729
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-21769
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24883
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24884
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24885
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24886
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24887
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24912
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24914
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24924
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24925
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24926
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24927
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24928
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24929
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24931
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28216
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28217
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28218
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28219
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28220
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28221
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28222
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28223
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28224
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28225
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28226
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28227
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28228
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28229
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28231
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28232
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28233
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28234
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28235
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28236
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28237
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28238
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28240
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28241
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28243
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28244
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28246
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28247
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28248
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28249
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28250
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28252
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28253
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28254
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28255
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28256
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28266
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28267
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28268
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28269
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28270
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28271
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28272
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28273
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28274
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28275
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28276
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28277
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28278
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28291
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28292
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28293
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28297
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28298
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28302
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28305
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28306
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28307
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28308
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21554
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21727
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21729
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21769
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24883
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24884
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24885
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24886
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24887
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24912
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24914
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24924
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24925
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24926
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24927
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24928
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24929
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24931
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28216
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28217
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28218
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28219
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28220
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28221
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28222
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28223
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28224
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28225
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28226
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28227
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28228
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28229
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28231
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28232
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28233
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28234
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28235
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28236
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28237
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28238
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28240
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28241
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28243
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28244
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28246
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28247
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28248
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28249
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28250
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28252
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28253
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28254
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28255
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28256
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28266
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28267
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28268
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28269
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28270
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28271
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28272
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28273
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28274
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28275
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28276
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28277
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28278
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28291
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28292
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28293
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28297
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28298
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28302
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28305
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28306
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28307
msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28308
portal.msrc.microsoft.com/en-us/security-guidance
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/class/Exploit/
threats.kaspersky.com/en/product/Microsoft-Remote-Desktop/
threats.kaspersky.com/en/product/Microsoft-Windows-10/
threats.kaspersky.com/en/product/Microsoft-Windows-11/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2012/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2016/
threats.kaspersky.com/en/product/Microsoft-Windows-Server-2019/
threats.kaspersky.com/en/product/Microsoft-Windows-Server/
threats.kaspersky.com/en/product/Microsoft-Windows/
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.2 High
AI Score
Confidence
High
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.96 High
EPSS
Percentile
99.0%