Lucene search
Copyright (C) 2024 Greenbone AGOPENVAS:1361412562310832817HistoryFeb 14, 2024 - 12:00 a.m.
Microsoft Windows Multiple Vulnerabilities (KB5034766)
2024-02-1400:00:00
Copyright (C) 2024 Greenbone AG
plugins.openvas.org
5
microsoft windows
multiple vulnerabilities
kb5034766
wdac ole db provider
internet shortcut files
ldap
privilege elevation
security feature bypass
dos
This host is missing an important security
update according to Microsoft KB5034766
# SPDX-FileCopyrightText: 2024 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.832817");
script_version("2024-02-23T14:36:45+0000");
script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");
script_cve_id("CVE-2024-21420", "CVE-2024-21412", "CVE-2024-21406", "CVE-2024-21377",
"CVE-2024-21375", "CVE-2024-21371", "CVE-2024-21370", "CVE-2024-21368",
"CVE-2024-21366", "CVE-2024-21365", "CVE-2024-21362", "CVE-2024-21361",
"CVE-2024-21360", "CVE-2024-21359", "CVE-2024-21358", "CVE-2024-21357",
"CVE-2024-21356", "CVE-2024-21355", "CVE-2024-21354", "CVE-2024-21352",
"CVE-2024-21351", "CVE-2024-21350", "CVE-2024-21349", "CVE-2024-21348",
"CVE-2024-21347", "CVE-2024-21340", "CVE-2024-21339", "CVE-2024-20684",
"CVE-2024-21304", "CVE-2024-21405", "CVE-2024-21391", "CVE-2024-21372",
"CVE-2024-21369", "CVE-2024-21367", "CVE-2024-21363", "CVE-2024-21346",
"CVE-2024-21344", "CVE-2024-21343", "CVE-2024-21341", "CVE-2024-21338");
script_tag(name:"cvss_base", value:"10.0");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2024-02-23 14:36:45 +0000 (Fri, 23 Feb 2024)");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2024-02-13 18:16:00 +0000 (Tue, 13 Feb 2024)");
script_tag(name:"creation_date", value:"2024-02-14 09:10:43 +0530 (Wed, 14 Feb 2024)");
script_name("Microsoft Windows Multiple Vulnerabilities (KB5034766)");
script_tag(name:"summary", value:"This host is missing an important security
update according to Microsoft KB5034766");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present
on the target host.");
script_tag(name:"insight", value:"Multiple flaws exist due to,
- Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability.
- Internet Shortcut Files Security Feature Bypass Vulnerability.
- Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability.
For more information about the vulnerabilities refer to Reference links.");
script_tag(name:"impact", value:"Successful exploitation will allow an
attacker to elevate privileges, execute arbitrary commands, bypass security
feature, disclose information, conduct spoofing and denial of service attacks
on an affected system.");
script_tag(name:"affected", value:"Microsoft Windows 11 version 21H2 for x64-based Systems.");
script_tag(name:"solution", value:"The vendor has released updates. Please see
the references for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"executable_version");
script_xref(name:"URL", value:"https://support.microsoft.com/en-us/help/5034766");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2024 Greenbone AG");
script_family("Windows : Microsoft Bulletins");
script_dependencies("smb_reg_service_pack.nasl");
script_require_ports(139, 445);
script_mandatory_keys("SMB/WindowsVersion");
exit(0);
}
include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");
if(hotfix_check_sp(win11:1) <= 0) {
exit(0);
}
dllPath = smb_get_systemroot();
if(!dllPath ) {
exit(0);
}
fileVer = fetch_file_version(sysPath:dllPath, file_name:"\system32\user32.dll");
if(!fileVer) {
exit(0);
}
if(version_is_less(version:fileVer, test_version:"10.0.22000.2777")) {
report = report_fixed_ver(file_checked:dllPath + "\system32\user32.dll", file_version:fileVer, vulnerable_range:"Less than 10.0.22000.2777");
security_message(port:0, data:report);
exit(0);
}
exit(99);
Related
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5034763)
2024-02-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034768)
2024-02-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5034765)
2024-02-14 00:00:00
nessus
nessus
KB5034774: Windows 10 LTS 1507 Security Update (February 2024)
2024-02-13 00:00:00
KB5034765: Windows 11 version 22H2 Security Update (February 2024)
2024-02-13 00:00:00
KB5034766: Windows 11 version 21H2 Security Update (February 2024)
2024-02-13 00:00:00
mskb
mskb
February 13, 2024—KB5034766 (OS Build 22000.2777)
2024-02-13 08:00:00
February 13, 2024—KB5034833 (Security-only update)
2024-02-13 08:00:00
February 13, 2024—KB5034795 (Monthly Rollup)
2024-02-13 08:00:00
kaspersky
kaspersky
KLA63965 Multiple vulnerabilities in Microsoft Products (ESU)
2024-02-13 00:00:00
KLA63958 Multiple vulnerabilities in Microsoft Windows
2024-02-13 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2024
2024-02-13 21:26:21
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, February 2024 Security Update Review
2024-02-13 20:03:29
talosblog
talosblog
hivepro
hivepro
Water Hydra Exploits CVE-2024-21412 to Target Financial Traders
2024-02-19 05:35:43
Attacks, Vulnerabilities and Actors 12 to 18 February 2024
2024-02-20 11:51:51
malwarebytes
malwarebytes
Update now! Microsoft fixes two zero-days on February Patch Tuesday
2024-02-14 13:17:19
thn
thn
Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
2024-02-15 05:19:00
Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
2024-02-14 05:01:00
Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks
2024-02-29 11:19:00
cvelist
cvelist
CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability
2024-02-13 18:02:09
CVE-2024-21377 Windows DNS Information Disclosure Vulnerability
2024-02-13 18:02:42
CVE-2024-20684 Windows Hyper-V Denial of Service Vulnerability
2024-02-13 18:02:29
packetstorm
packetstorm
Microsoft Windows 10.0.17763.5458 Privilege Escalation
2024-04-02 00:00:00
prion
prion
Denial of service
2024-02-13 18:15:00
Information disclosure
2024-02-13 18:15:00
Spoofing
2024-02-13 18:15:00
cve
cve
mscve
mscve
Windows Printing Service Spoofing Vulnerability
2024-02-13 08:00:00
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
2024-02-13 08:00:00
Windows Hyper-V Denial of Service Vulnerability
2024-02-13 08:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2024-04-23 19:09:22
Exploit for Vulnerability in Microsoft
2024-03-21 15:57:51
Exploit for Vulnerability in Microsoft
2024-04-17 10:16:21
cisa_kev
cisa_kev
zdt
zdt
Microsoft Windows 10.0.17763.5458 - Kernel Privilege Escalation Exploit
2024-04-02 00:00:00
zdi
zdi
Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability
2024-02-13 00:00:00
attackerkb
attackerkb
trendmicroblog
trendmicroblog
CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
2024-02-13 00:00:00
CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign
2024-03-13 00:00:00
SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes
2024-02-13 00:00:00