History: Jul 09, 2024 - 12:00 a.m.

KLA70416 Multiple vulnerabilities in Microsoft Windows

2024-07-09 00:00:00
Kaspersky Lab
threats.kaspersky.com
microsoft windows
remote exploitation
sensitive information
arbitrary code execution
security restrictions bypass
denial of service
privilege escalation
interface spoofing
local file read
vulnerability list

CVSS3: 9.8

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score: 9.9
Confidence: High

EPSS: 0.737
Percentile: 98.2%

Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, gain privileges, obtain sensitive information, spoof the user interface, and read local files.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Windows Distributed Transaction Coordinator can be exploited remotely to execute arbitrary code.
  2. A security feature bypass vulnerability in Secure Boot can be exploited remotely to bypass security restrictions.
  3. A denial of service vulnerability in Windows Remote Desktop Gateway (RD Gateway) can be exploited remotely to cause denial of service.
  4. A denial of service vulnerability in Windows iSCSI Service can be exploited remotely to cause denial of service.
  5. An elevation of privilege vulnerability in Windows Graphics Component can be exploited remotely to gain privileges.
  6. An elevation of privilege vulnerability in Windows Remote Access Connection Manager can be exploited remotely to gain privileges.
  7. An elevation of privilege vulnerability in Windows Filtering Platform can be exploited remotely to gain privileges.
  8. An elevation of privilege vulnerability in Windows Image Acquisition can be exploited remotely to gain privileges.
  9. An elevation of privilege vulnerability in Windows Workstation Service can be exploited remotely to gain privileges.
  10. A denial of service vulnerability in Windows Network Driver Interface Specification (NDIS) can be exploited remotely to cause denial of service.
  11. A denial of service vulnerability in Windows Layer-2 Bridge Network Driver can be exploited remotely to cause denial of service.
  12. A remote code execution vulnerability in Windows Layer-2 Bridge Network Driver can be exploited remotely to execute arbitrary code.
  13. An elevation of privilege vulnerability in Kernel Streaming WOW Thunk Service Driver can be exploited remotely to gain privileges.
  14. A security feature bypass vulnerability in Windows Cryptographic Services can be exploited remotely to bypass security restrictions.
  15. A denial of service vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to cause denial of service.
  16. A remote code execution vulnerability in Windows Remote Desktop Licensing Service can be exploited remotely to execute arbitrary code.
  17. An information disclosure vulnerability in Microsoft Windows Codecs Library can be exploited remotely to obtain sensitive information.
  18. A denial of service vulnerability in Windows Online Certificate Status Protocol (OCSP) Server can be exploited remotely to cause denial of service.
  19. A remote code execution vulnerability in DHCP Server Service can be exploited remotely to execute arbitrary code.
  20. A security feature bypass vulnerability in BitLocker can be exploited remotely to bypass security restrictions.
  21. A denial of service vulnerability in Windows Line Printer Daemon Service can be exploited remotely to cause denial of service.
  22. A security feature bypass vulnerability in Windows LockDown Policy (WLDP) can be exploited remotely to bypass security restrictions.
  23. An information disclosure vulnerability in Windows TCP/IP can be exploited remotely to obtain sensitive information.
  24. A spoofing vulnerability in Windows NTLM can be exploited remotely to spoof user interface.
  25. An information disclosure vulnerability in Windows Remote Access Connection Manager can be exploited remotely to obtain sensitive information.
  26. A remote code execution vulnerability in Microsoft Windows Performance Data Helper Library can be exploited remotely to execute arbitrary code.
  27. A remote code execution vulnerability in Windows Imaging Component can be exploited remotely to execute arbitrary code.
  28. A remote code execution vulnerability in Windows Graphics Component can be exploited remotely to execute arbitrary code.
  29. A spoofing vulnerability in CERT/CC: CVE-2024-3596 RADIUS Protocol can be exploited remotely to spoof user interface.
  30. An elevation of privilege vulnerability in DCOM Remote Cross-Session Activation can be exploited remotely to gain privileges.
  31. A spoofing vulnerability in Windows Themes can be exploited remotely to spoof user interface.
  32. A denial of service vulnerability in Microsoft WS-Discovery can be exploited remotely to cause denial of service.
  33. A remote code execution vulnerability in Windows Fax Service can be exploited remotely to execute arbitrary code.
  34. An elevation of privilege vulnerability in Github: CVE-2024-39684 TenCent RapidJSON can be exploited remotely to gain privileges.
  35. An elevation of privilege vulnerability in Microsoft Windows Server Backup can be exploited remotely to gain privileges.
  36. A spoofing vulnerability in Windows MSHTML Platform can be exploited remotely to spoof user interface.
  37. An elevation of privilege vulnerability in PowerShell can be exploited remotely to gain privileges.
  38. An information disclosure vulnerability in Microsoft Message Queuing can be exploited remotely to obtain sensitive information.
  39. An elevation of privilege vulnerability in Windows Win32k can be exploited remotely to gain privileges.
  40. An elevation of privilege vulnerability in Windows Text Services Framework can be exploited remotely to gain privileges.
  41. An elevation of privilege vulnerability in Github: CVE-2024-38517 TenCent RapidJSON can be exploited remotely to gain privileges.
  42. An elevation of privilege vulnerability in Windows File Explorer can be exploited remotely to gain privileges.
  43. An information disclosure vulnerability in Windows Kernel can be exploited remotely to obtain sensitive information.
  44. A security feature bypass vulnerability in Windows Enroll Engine can be exploited remotely to bypass security restrictions.
  45. An elevation of privilege vulnerability in Win32k can be exploited remotely to gain privileges.
  46. A remote code execution vulnerability in Xbox Wireless Adapter can be exploited remotely to execute arbitrary code.
  47. An elevation of privilege vulnerability in Windows Hyper-V can be exploited remotely to gain privileges.
  48. A remote code execution vulnerability in Microsoft Xbox can be exploited remotely to execute arbitrary code.
  49. An elevation of privilege vulnerability in Windows Kernel-Mode Driver can be exploited remotely to gain privileges.
  50. A remote code execution vulnerability in Windows MultiPoint Services can be exploited remotely to execute arbitrary code.
  51. Unspecified Microsoft Windows can be exploited remotely to obtain sensitive information.

Original advisories

CVE-2024-38049

CVE-2024-38072

CVE-2024-37974

CVE-2024-38015

CVE-2024-35270

CVE-2024-38085

CVE-2024-37988

CVE-2024-37972

CVE-2024-30079

CVE-2024-38034

CVE-2024-38022

CVE-2024-38050

CVE-2024-21417

CVE-2024-38517

CVE-2024-38048

CVE-2024-37984

CVE-2024-38105

CVE-2024-38100

CVE-2024-38041

CVE-2024-38053

CVE-2024-38069

CVE-2024-38059

CVE-2024-38102

CVE-2024-38054

CVE-2024-30098

CVE-2024-38071

CVE-2024-37971

CVE-2024-38077

CVE-2024-38010

CVE-2024-38056

CVE-2024-37987

CVE-2024-38031

CVE-2024-37986

CVE-2024-38078

CVE-2024-38044

CVE-2024-38080

CVE-2024-38079

CVE-2024-37973

CVE-2024-37977

CVE-2024-38058

CVE-2024-38032

CVE-2024-37969

CVE-2024-38027

CVE-2024-38065

CVE-2024-38043

CVE-2024-38047

CVE-2024-38062

CVE-2024-38055

CVE-2024-38070

CVE-2024-38064

CVE-2024-30081

CVE-2024-26184

CVE-2024-37978

CVE-2024-38028

CVE-2024-30071

CVE-2024-38060

CVE-2024-38074

CVE-2024-30013

CVE-2024-38051

CVE-2024-37970

CVE-2024-38057

CVE-2024-3596

CVE-2024-38011

CVE-2024-28899

CVE-2024-38061

CVE-2024-38076

CVE-2024-38052

CVE-2024-38030

CVE-2024-38091

CVE-2024-38104

CVE-2024-39684

CVE-2024-37989

CVE-2024-38101

CVE-2024-38025

CVE-2024-37981

CVE-2024-38073

CVE-2024-38067

CVE-2024-38013

CVE-2024-38019

CVE-2024-38112

CVE-2024-38033

CVE-2024-37975

CVE-2024-38068

CVE-2024-38017

CVE-2024-38066

CVE-2024-37985

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-10

Microsoft-Windows-Server-2016

Microsoft-Windows-Server-2019

Microsoft-Windows-11

Microsoft-Windows-Server-2022

CVE list

CVE-2024-38049 high

CVE-2024-37974 high

CVE-2024-38015 high

CVE-2024-35270 high

CVE-2024-38085 high

CVE-2024-37988 high

CVE-2024-37972 high

CVE-2024-30079 high

CVE-2024-38034 high

CVE-2024-38022 high

CVE-2024-38050 high

CVE-2024-38048 high

CVE-2024-37984 high

CVE-2024-38105 high

CVE-2024-38053 high

CVE-2024-38102 high

CVE-2024-38054 high

CVE-2024-30098 high

CVE-2024-38071 high

CVE-2024-37971 high

CVE-2024-38077 critical

CVE-2024-38010 high

CVE-2024-38056 high

CVE-2024-37987 high

CVE-2024-38031 high

CVE-2024-37986 high

CVE-2024-38044 high

CVE-2024-38079 high

CVE-2024-37973 high

CVE-2024-38058 high

CVE-2024-37969 high

CVE-2024-38027 high

CVE-2024-38065 high

CVE-2024-38055 high

CVE-2024-38070 high

CVE-2024-38064 high

CVE-2024-30081 high

CVE-2024-30071 warning

CVE-2024-38028 high

CVE-2024-38060 high

CVE-2024-38074 critical

CVE-2024-38051 high

CVE-2024-38057 high

CVE-2024-37970 high

CVE-2024-3596 high

CVE-2024-38011 high

CVE-2024-28899 high

CVE-2024-38061 high

CVE-2024-38052 high

CVE-2024-38030 high

CVE-2024-38091 high

CVE-2024-38104 high

CVE-2024-39684 high

CVE-2024-37989 high

CVE-2024-38101 high

CVE-2024-38025 high

CVE-2024-38073 high

CVE-2024-38067 high

CVE-2024-38013 high

CVE-2024-38019 high

CVE-2024-38112 high

CVE-2024-38033 high

CVE-2024-37975 high

CVE-2024-38068 high

CVE-2024-38017 high

CVE-2024-38066 high

CVE-2024-38072 high

CVE-2024-21417 high

CVE-2024-38517 high

CVE-2024-38100 high

CVE-2024-38041 high

CVE-2024-38069 high

CVE-2024-38059 high

CVE-2024-38078 high

CVE-2024-38080 high

CVE-2024-37977 high

CVE-2024-38032 high

CVE-2024-38043 high

CVE-2024-38047 high

CVE-2024-38062 high

CVE-2024-26184 high

CVE-2024-37978 high

CVE-2024-30013 high

CVE-2024-38076 critical

CVE-2024-37981 high

CVE-2024-37985 high

KB list

5040448

5040434

5040437

5040430

5040442

5040427

5040438

5040431

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Impacts

  • ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can allow an attacker to execute any code or commands on the vulnerable machine or in the vulnerable process.

  • OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can allow an attacker to capture information that is critical for the user or the system.

  • DoS

Denial of service. Exploitation of vulnerabilities with this impact can lead to loss of system availability or a critical functional fault.

  • SB

Security bypass. Exploitation of vulnerabilities with this impact can allow actions that are restricted by the current security settings.

  • PE

Privilege escalation. Exploitation of vulnerabilities with this impact can allow an attacker to perform actions that are normally disallowed for the current role.

  • RLF

Read Local Files. Exploitation of vulnerabilities with this impact can allow reading of files that are otherwise inaccessible. Which files can be read depends on the concrete program errors.

  • SUI

Spoof user interface. Exploitation of vulnerabilities with this impact can lead to changes in the user interface that trick the user into inaccurate behavior.

Affected Products

  • Windows 10 Version 1809 for ARM64-based Systems
  • Windows Server 2016 (Server Core installation)
  • Windows 10 Version 22H2 for ARM64-based Systems
  • Windows 10 Version 1809 for 32-bit Systems
  • Windows 11 Version 23H2 for x64-based Systems
  • Windows 10 Version 22H2 for 32-bit Systems
  • Windows Server 2019 (Server Core installation)
  • Windows 10 Version 1607 for 32-bit Systems
  • Windows 10 Version 1607 for x64-based Systems
  • Windows 10 Version 21H2 for x64-based Systems
  • Windows 11 Version 22H2 for x64-based Systems
  • Windows 10 for x64-based Systems
  • Windows 11 Version 23H2 for ARM64-based Systems
  • Windows Server 2022
  • Windows 10 Version 21H2 for ARM64-based Systems
  • Windows Server 2022, 23H2 Edition (Server Core installation)
  • Windows 11 version 21H2 for x64-based Systems
  • Windows Server 2022 (Server Core installation)
  • Windows 10 Version 22H2 for x64-based Systems
  • Windows Server 2016
  • Windows Server 2019
  • Windows 11 Version 22H2 for ARM64-based Systems
  • Windows 10 for 32-bit Systems
  • Windows 10 Version 1809 for x64-based Systems
  • Windows 10 Version 21H2 for 32-bit Systems
  • Windows 11 version 21H2 for ARM64-based Systems
