KLA68915 Multiple vulnerabilities in Microsoft Windows

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, cause denial of service, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Windows Perception Service can be exploited remotely to gain privileges.
2. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
3. An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
4. A remote code execution vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to execute arbitrary code.
5. An elevation of privilege vulnerability in Windows Win32 Kernel Subsystem can be exploited remotely to gain privileges.
6. A denial of service vulnerability in Windows Standards-Based Storage Management Service can be exploited remotely to cause denial of service.
7. A remote code execution vulnerability in Windows OLE can be exploited remotely to execute arbitrary code.
8. A denial of service vulnerability in Windows Themes can be exploited remotely to cause denial of service.
9. An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to obtain sensitive information.
10. A denial of service vulnerability in DNS protocol can be exploited remotely to cause denial of service.
11. A remote code execution vulnerability in Microsoft Message Queuing (MSMQ) can be exploited remotely to execute arbitrary code.
12. An elevation of privilege vulnerability in Windows Cloud Files Mini Filter Driver can be exploited remotely to gain privileges.
13. An elevation of privilege vulnerability in Windows Kernel can be exploited remotely to gain privileges.
14. A remote code execution vulnerability in Windows Wi-Fi Driver can be exploited remotely to execute arbitrary code.
15. An elevation of privilege vulnerability in Microsoft Streaming Service can be exploited remotely to gain privileges.
16. An elevation of privilege vulnerability in Winlogon can be exploited remotely to gain privileges.
17. An elevation of privilege vulnerability in Windows Storage can be exploited remotely to gain privileges.
18. A remote code execution vulnerability in Microsoft Speech Application Programming Interface (SAPI) can be exploited remotely to execute arbitrary code.
19. An information disclosure vulnerability in Windows Cryptographic Services can be exploited remotely to obtain sensitive information.
20. A remote code execution vulnerability in Windows Routing and Remote Access Service (RRAS) can be exploited remotely to execute arbitrary code.
21. A remote code execution vulnerability in Windows Distributed File System (DFS) can be exploited remotely to execute arbitrary code.
22. An elevation of privilege vulnerability in Windows Container Manager Service can be exploited remotely to gain privileges.
23. A remote code execution vulnerability in Microsoft Event Trace Log File Parsing can be exploited remotely to execute arbitrary code.
24. A denial of service vulnerability in DHCP Server Service can be exploited remotely to cause denial of service.

Original advisories

CVE-2023-50868

CVE-2024-30080

CVE-2024-30091

CVE-2024-35250

CVE-2024-30084

CVE-2024-30078

CVE-2024-30090

CVE-2024-30066

CVE-2024-30062

CVE-2024-30093

CVE-2024-30087

CVE-2024-30086

CVE-2024-30083

CVE-2024-30095

CVE-2024-30067

CVE-2024-30077

CVE-2024-30082

CVE-2024-30094

CVE-2024-30063

CVE-2024-30065

CVE-2024-30070

CVE-2024-35265

CVE-2024-30069

CVE-2024-30085

CVE-2024-30099

CVE-2024-30068

CVE-2024-30088

CVE-2024-30097

CVE-2024-30096

CVE-2024-30064

CVE-2024-30076

CVE-2024-30072

CVE-2024-30089

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Endpoint-Configuration-Manager

CVE list

CVE-2023-50868 warning

CVE-2024-30080 critical

CVE-2024-30091 critical

CVE-2024-35250 critical

CVE-2024-30084 high

CVE-2024-30078 critical

CVE-2024-30090 high

CVE-2024-30066 high

CVE-2024-30062 critical

CVE-2024-30093 high

CVE-2024-30087 critical

CVE-2024-30086 critical

CVE-2024-30083 critical

CVE-2024-30095 critical

CVE-2024-30067 high

CVE-2024-30077 critical

CVE-2024-30082 critical

CVE-2024-30094 critical

CVE-2024-30063 high

CVE-2024-30065 high

CVE-2024-30070 critical

CVE-2024-35265 high

CVE-2024-30069 warning

CVE-2024-30085 critical

CVE-2024-30099 high

CVE-2024-30068 critical

CVE-2024-30088 high

CVE-2024-30097 critical

CVE-2024-30096 high

CVE-2024-30064 critical

CVE-2024-30076 high

CVE-2024-30072 critical

CVE-2024-30089 critical

KB list

5039213

5039214

5039217

5039225

5039330

5039236

5039212

5039211

5039227

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

• DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or critical functional fault.

• PE

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

• Windows Server 2019Windows 11 Version 23H2 for ARM64-based SystemsWindows 10 Version 21H2 for x64-based SystemsWindows 10 for x64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 10 Version 22H2 for 32-bit SystemsWindows 10 Version 1607 for 32-bit SystemsWindows Server 2019 (Server Core installation)Windows 10 Version 22H2 for ARM64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 11 Version 23H2 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 11 Version 22H2 for ARM64-based SystemsWindows Server 2016Windows 10 Version 21H2 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows 10 Version 1809 for x64-based SystemsWindows 11 version 21H2 for ARM64-based SystemsWindows Server 2022Windows 10 Version 22H2 for x64-based SystemsWindows 11 version 21H2 for x64-based SystemsWindows Server 2016 (Server Core installation)Windows 10 for 32-bit SystemsWindows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 1607 for x64-based SystemsWindows 11 Version 22H2 for x64-based Systems