KLA67433 Multiple vulnerabilities in Microsoft Windows

2024-05-14 00:00:00
Kaspersky Lab
threats.kaspersky.com
remote code execution
privilege elevation
denial of service
information disclosure
windows hyper-v
windows mobile broadband driver
windows common log file system driver
windows routing and remote access service
windows kernel
win32k
dhcp server service
windows remote access connection manager
windows cng key isolation service
windows dwm core library
windows cryptographic services
microsoft windows scsi class system file
windows win32 kernel subsystem
ntfs
microsoft brokering file system
windows mark of the web
windows mshtml platform
windows search service
windows cloud files mini filter driver
microsoft plugscheduler scheduled task
microsoft wdac ole db provider for sql server
windows deployment services.

CVSS3: 8.8 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score: 9.8 High (Confidence: High)

EPSS: 0.008 Low (Percentile: 81.1%)

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, cause denial of service, obtain sensitive information, and bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Windows Hyper-V can be exploited remotely to execute arbitrary code.
  2. A remote code execution vulnerability in Windows Mobile Broadband Driver can be exploited remotely to execute arbitrary code.
  3. An elevation of privilege vulnerability in Windows Common Log File System Driver can be exploited remotely to gain privileges.
  4. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
  5. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
  6. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  7. A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.
  8. An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to obtain sensitive information.
  9. An elevation of privilege vulnerability in Windows CNG Key Isolation Service can be exploited remotely to gain privileges.
  10. An elevation of privilege vulnerability in Windows DWM Core Library can be exploited remotely to gain privileges.
  11. An information disclosure vulnerability in Windows Cryptographic Services can be exploited remotely to obtain sensitive information.
  12. A denial of service vulnerability in Windows Hyper-V can be exploited remotely to cause denial of service.
  13. An elevation of privilege vulnerability in Microsoft Windows SCSI Class System File can be exploited remotely to gain privileges.
  14. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
  15. An elevation of privilege vulnerability in NTFS can be exploited remotely to gain privileges.
  16. An elevation of privilege vulnerability in Microsoft Brokering File System can be exploited remotely to gain privileges.
  17. A security feature bypass vulnerability in Windows Mark of the Web can be exploited remotely to bypass security restrictions.
  18. An information disclosure vulnerability in Windows DWM Core Library can be exploited remotely to obtain sensitive information.
  19. A security feature bypass vulnerability in Windows MSHTML Platform can be exploited remotely to bypass security restrictions.
  20. An elevation of privilege vulnerability in Windows Search Service can be exploited remotely to gain privileges.
  21. An information disclosure vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to obtain sensitive information.
  22. An elevation of privilege vulnerability in Microsoft PLUGScheduler Scheduled Task can be exploited remotely to gain privileges.
  23. A remote code execution vulnerability in Microsoft WDAC OLE DB provider for SQL Server can be exploited remotely to execute arbitrary code.
  24. An information disclosure vulnerability in Windows Deployment Services can be exploited remotely to obtain sensitive information.
  25. A remote code execution vulnerability in Windows Cryptographic Services can be exploited remotely to execute arbitrary code.

Original advisories

CVE-2024-30010

CVE-2024-29999

CVE-2024-29998

CVE-2024-30025

CVE-2024-30015

CVE-2024-30018

CVE-2024-30009

CVE-2024-30021

CVE-2024-30028

CVE-2024-30019

CVE-2024-30039

CVE-2024-30031

CVE-2024-30032

CVE-2024-30004

CVE-2024-30024

CVE-2024-30016

CVE-2024-30011

CVE-2024-29994

CVE-2024-30049

CVE-2024-30014

CVE-2024-30005

CVE-2024-30003

CVE-2024-30027

CVE-2024-29997

CVE-2024-30007

CVE-2024-30051

CVE-2024-30050

CVE-2024-30017

CVE-2024-30038

CVE-2024-30000

CVE-2024-30008

CVE-2024-30037

CVE-2024-30012

CVE-2024-30022

CVE-2024-29996

CVE-2024-30040

CVE-2024-30033

CVE-2024-30034

CVE-2024-30029

CVE-2024-30035

CVE-2024-26238

CVE-2024-30006

CVE-2024-30001

CVE-2024-30023

CVE-2024-30002

CVE-2024-30036

CVE-2024-30020

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-10

Microsoft-Windows-Server-2016

Microsoft-Windows-Server-2019

Microsoft-Windows-11

CVE list

CVE-2024-30010 critical

CVE-2024-29999 high

CVE-2024-29998 high

CVE-2024-30025 critical

CVE-2024-30015 critical

CVE-2024-30018 critical

CVE-2024-30009 critical

CVE-2024-30021 high

CVE-2024-30028 critical

CVE-2024-30019 high

CVE-2024-30039 high

CVE-2024-30031 critical

CVE-2024-30032 critical

CVE-2024-30004 high

CVE-2024-30024 critical

CVE-2024-30016 high

CVE-2024-30011 high

CVE-2024-29994 critical

CVE-2024-30049 critical

CVE-2024-30014 critical

CVE-2024-30005 high

CVE-2024-30003 high

CVE-2024-30027 critical

CVE-2024-29997 high

CVE-2024-30007 critical

CVE-2024-30051 critical

CVE-2024-30050 high

CVE-2024-30017 critical

CVE-2024-30038 critical

CVE-2024-30000 high

CVE-2024-30008 high

CVE-2024-30037 critical

CVE-2024-30012 high

CVE-2024-30022 critical

CVE-2024-29996 critical

CVE-2024-30040 critical

CVE-2024-30033 high

CVE-2024-30034 high

CVE-2024-30029 critical

CVE-2024-30035 critical

CVE-2024-26238 critical

CVE-2024-30006 critical

CVE-2024-30001 high

CVE-2024-30023 critical

CVE-2024-30002 high

CVE-2024-30036 high

CVE-2024-30020 critical

KB list

5037765

5037768

5037788

5037763

5037781

5037782

5037771

5037770

5037848

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • ACE: Arbitrary code execution. Exploitation of vulnerabilities with this impact can allow an abuser to execute any code or commands on the vulnerable machine or process.

  • OSI: Obtain sensitive information. Exploitation of vulnerabilities with this impact can allow an abuser to capture information critical to the user or system.

  • DoS: Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or a critical functional fault.

  • SB: Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by the current security settings.

  • PE: Privilege escalation. Exploitation of vulnerabilities with this impact can allow an abuser to perform actions that are normally disallowed for the current role.

Affected Products

  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows 11 Version 23H2 for ARM64-based Systems
  • Windows 11 Version 23H2 for x64-based Systems
  • Windows 10 Version 22H2 for x64-based Systems
  • Windows 11 version 21H2 for ARM64-based Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 11 Version 22H2 for ARM64-based Systems
  • Windows Server 2022, 23H2 Edition (Server Core installation)
  • Windows 11 version 21H2 for x64-based Systems
  • Windows Server 2016 (Server Core installation)
  • Windows 10 Version 22H2 for ARM64-based Systems
  • Windows Server 2019
  • Windows Server 2016
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows Server 2022 (Server Core installation)
  • Windows 10 for 32-bit Systems
  • Windows Server 2022
  • Windows Server 2019 (Server Core installation)
  • Windows 10 for x64-based Systems
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 11 Version 22H2 for x64-based Systems
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows 10 Version 22H2 for 32-bit Systems
