Security
Headlines
HeadlinesLatestCVEs

Source

Microsoft Security Response Center

CVE-2023-35364: Windows Kernel Elevation of Privilege Vulnerability

**According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?** In this case, a successful attack could be performed from a low privilege AppContainer. The attacker could elevate their privileges and execute code or access resources at a higher integrity level than that of the AppContainer execution environment.

Microsoft Security Response Center
Open in Source
#vulnerability#web#windows#microsoft#Windows NT OS Kernel#Security Vulnerability
CVE-2023-35363: Windows Kernel Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2023-35357: Windows Kernel Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2023-35356: Windows Kernel Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2023-35358: Windows Kernel Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2023-35362: Windows Clip Service Elevation of Privilege Vulnerability

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

CVE-2023-35353: Connected User Experiences and Telemetry Elevation of Privilege Vulnerability

**What privileges could be gained by an attacker who successfully exploited this vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

CVE-2023-35300: Remote Procedure Call Runtime Remote Code Execution Vulnerability

**How could an attacker exploit this vulnerability?** The authenticated attacker could take advantage of this vulnerability to execute malicious code through the RPC runtime.

CVE-2023-35302: Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

**Determine if the Print Spooler service is running** Run the following in Windows PowerShell: Get-Service -Name Spooler If the Print Spooler is running or if the service is not set to disabled, select one of the following options to either disable the Print Spooler service, or to Disable inbound remote printing through Group Policy: **Option 1 - Disable the Print Spooler service** If disabling the Print Spooler service is appropriate for your enterprise, use the following PowerShell commands: Stop-Service -Name Spooler -Force Set-Service -Name Spooler -StartupType Disabled **Impact of workaround** Disabling the Print Spooler service disables the ability to print both locally and remotely. **Option 2 - Disable inbound remote printing through Group Policy** You can also configure the settings via Group Policy as follows: Computer Configuration / Administrative Templates / Printers Disable the “Allow Print Spooler to accept client connections:” policy to block remote attacks....

CVE-2023-35296: Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

**What type of information could be disclosed by this vulnerability?** An attacker who successfully exploited this vulnerability could potentially read small portions of heap memory.