Test ID:	1.3.6.1.4.1.25623.1.0.832730
Category:	Windows : Microsoft Bulletins
Title:	Microsoft Windows Multiple Vulnerabilities (KB5033369)
Summary:	This host is missing an important security; update according to Microsoft KB5033369
Description:	Summary: This host is missing an important security update according to Microsoft KB5033369 Vulnerability Insight: Multiple flaws exist due to: - Win32k Elevation of Privilege Vulnerability. - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability. For more information about the vulnerabilities refer to Reference links. Vulnerability Impact: Successful exploitation would allow an attacker to elevate privileges, execute arbitrary commands, spoofing, disclose information and conduct DoS attacks on an affected system. Affected Software/OS: Microsoft Windows 11 version 21H2 for x64-based Systems. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2023-20588 Debian Security Information: DSA-5480 (Google Search) https://www.debian.org/security/2023/dsa-5480 Debian Security Information: DSA-5492 (Google Search) https://www.debian.org/security/2023/dsa-5492 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AGZCACEHT6ZZZGG36QQMGROBM4FLWYJX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KJTUVYZMP6BNF342DS3W7XGOGXC6JPN5/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DIOYP4ZOBML4RCUM3MHRFZUQL445MZM3/ https://www.amd.com/en/corporate/product-security/bulletin/AMD-SB-7007 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html http://www.openwall.com/lists/oss-security/2023/09/25/4 http://www.openwall.com/lists/oss-security/2023/09/25/7 http://www.openwall.com/lists/oss-security/2023/09/25/8 http://www.openwall.com/lists/oss-security/2023/09/25/3 http://www.openwall.com/lists/oss-security/2023/09/25/5 http://www.openwall.com/lists/oss-security/2023/09/26/5 http://www.openwall.com/lists/oss-security/2023/09/26/8 http://www.openwall.com/lists/oss-security/2023/09/26/9 http://www.openwall.com/lists/oss-security/2023/09/27/1 http://www.openwall.com/lists/oss-security/2023/10/03/12 http://www.openwall.com/lists/oss-security/2023/10/03/13 http://www.openwall.com/lists/oss-security/2023/10/03/14 http://www.openwall.com/lists/oss-security/2023/10/03/15 http://www.openwall.com/lists/oss-security/2023/10/03/9 http://www.openwall.com/lists/oss-security/2023/10/04/2 http://www.openwall.com/lists/oss-security/2023/10/03/16 http://www.openwall.com/lists/oss-security/2023/10/04/1 http://www.openwall.com/lists/oss-security/2023/10/04/3 http://www.openwall.com/lists/oss-security/2023/10/04/4 Common Vulnerability Exposure (CVE) ID: CVE-2023-35631 Win32k Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35631 Common Vulnerability Exposure (CVE) ID: CVE-2023-35630 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35630 Common Vulnerability Exposure (CVE) ID: CVE-2023-35628 Windows MSHTML Platform Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35628 Common Vulnerability Exposure (CVE) ID: CVE-2023-35642 Internet Connection Sharing (ICS) Denial of Service Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35642 Common Vulnerability Exposure (CVE) ID: CVE-2023-35641 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35641 Common Vulnerability Exposure (CVE) ID: CVE-2023-35639 Microsoft ODBC Driver Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35639 Common Vulnerability Exposure (CVE) ID: CVE-2023-36006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36006 Common Vulnerability Exposure (CVE) ID: CVE-2023-36005 Windows Telephony Server Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36005 Common Vulnerability Exposure (CVE) ID: CVE-2023-36004 Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36004 Common Vulnerability Exposure (CVE) ID: CVE-2023-36003 XAML Diagnostics Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36003 Common Vulnerability Exposure (CVE) ID: CVE-2023-36011 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36011 Common Vulnerability Exposure (CVE) ID: CVE-2023-21740 Windows Media Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21740 Common Vulnerability Exposure (CVE) ID: CVE-2023-35644 Windows Sysmain Service Elevation of Privilege https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35644 Common Vulnerability Exposure (CVE) ID: CVE-2023-35634 Windows Bluetooth Driver Remote Code Execution Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35634 Common Vulnerability Exposure (CVE) ID: CVE-2023-36696 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36696
Copyright	Copyright (C) 2023 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.