DJ-CERT - Centre gouvernementale de veille, d'alertes et de réponses aux attaques informatiques

BULLETIN D'ALERTES

Object	Multiples vulnérabilités dans Microsoft Windows
Réference	1053
Date de Publication	2023-10-11
Sévérité	Critique

IMPACT :

Déni de service
Exécution de code à distance
Élévation du privilège
Perte de confidentialité
Contournement de la politique de sécurité

SYSTÉME AFFECTÉ :

Windows Server 2022 (Server Core installation)
Windows Server 2022
Windows Server 2019 (Server Core installation)
Windows Server 2019
Windows Server 2016 (Server Core installation)
Windows Server 2016
Windows Server 2012 R2 (Server Core installation)
Windows Server 2012 R2
Windows Server 2012 (Server Core installation)
Windows Server 2012
Windows 11 version 21H2 pour x64-based Systems
Windows 11 version 21H2 pour ARM64-based Systems
Windows 11 Version 22H2 pour x64-based Systems
Windows 11 Version 22H2 pour ARM64-based Systems
Windows 10 pour x64-based Systems
Windows 10 pour 32-bit Systems
Windows 10 Version 22H2 pour x64-based Systems
Windows 10 Version 22H2 pour ARM64-based Systems
Windows 10 Version 22H2 pour 32-bit Systems
Windows 10 Version 21H2 pour x64-based Systems
Windows 10 Version 21H2 pour ARM64-based Systems
Windows 10 Version 21H2 pour 32-bit Systems
Windows 10 Version 1809 pour x64-based Systems
Windows 10 Version 1809 pour ARM64-based Systems
Windows 10 Version 1809 pour 32-bit Systems
Windows 10 Version 1607 pour x64-based Systems
Windows 10 Version 1607 pour 32-bit Systems
Windows Server 2008 pour x64-based Systems Service Pack 2 (Server Core installation)
Windows Server 2008 pour x64-based Systems Service Pack 2
Windows Server 2008 pour 32-bit Systems Service Pack 2 (Server Core installation)
Windows Server 2008 pour 32-bit Systems Service Pack 2
Windows Server 2008 R2 pour x64-based Systems Service Pack 1 (Server Core installation)
Windows Server 2008 R2 pour x64-based Systems Service Pack 1

DÉSCRIPTION :

Microsoft a dévoilé la résolution de plusieurs vulnérabilités critiques au sein des systèmes d'exploitation Windows mentionnés. L'exploitation de ces failles pourrait potentiellement autoriser un attaquant à révéler des informations sensibles, à exécuter du code de manière non autorisée, à réussir à obtenir des privilèges élevés, à provoquer un déni de service et à contourner les politiques de sécurité.

SOLUTION :

Se référer au bulletin de sécurité Microsoft du 10 Octobre 2023

DOCUMENTATION :

Bulletin de sécurité Microsoft du 10 Octobre 2023:

https://msrc.microsoft.com/update-guide/

CVE-2023-44487

https://nvd.nist.gov/vuln/detail/CVE-2023-44487

CVE-2023-38159

https://nvd.nist.gov/vuln/detail/CVE-2023-38159

CVE-2023-36594

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36594

CVE-2023-36435

https://nvd.nist.gov/vuln/detail/CVE-2023-36435

CVE-2023- 38171

https://nvd.nist.gov/vuln/detail/CVE-2023-38171

CVE-2023-36577

https://nvd.nist.gov/vuln/detail/CVE-2023-36577

CVE-2023-36710

https://nvd.nist.gov/vuln/detail/CVE-2023-36710

CVE-2023-36564

https://nvd.nist.gov/vuln/detail/CVE-2023-36564/change-record?changeRecordedOn=10/13/2023T14:57:13.097-0400

CVE-2023-36563

https://nvd.nist.gov/vuln/detail/CVE-2023-36563

ADV990001

https://msrc.microsoft.com/update-guide/vulnerability/ADV990001

ADV190023

https://msrc.microsoft.com/update-guide/vulnerability/ADV190023

CVE-2023-36585

https://nvd.nist.gov/vuln/detail/CVE-2023-36585

CVE-2023-36709

https://nvd.nist.gov/vuln/detail/CVE-2023-36709

CVE-2023-36902

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36902

CVE2023-36713

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36713

CVE-2023-36723

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36723

CVE-2023-36567

https://nvd.nist.gov/vuln/detail/CVE-2023-36567

CVE-2023-36706

https://nvd.nist.gov/vuln/detail/CVE-2023-36706

CVE-2023-36707

https://nvd.nist.gov/vuln/detail/CVE-2023-36707

CVE-2023-36703

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36703

CVE-2023-36721

https://nvd.nist.gov/vuln/detail/CVE-2023-36721

CVE-2023-36436

https://nvd.nist.gov/vuln/detail/CVE-2023-36436

CVE-2023-36557

https://nvd.nist.gov/vuln/detail/CVE-2023-36557

CVE-2023- 36434

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36434

CVE-2023-36726

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36726

CVE-2022-37967

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37967

CVE-2023-36576

https://nvd.nist.gov/vuln/detail/CVE-2023-36576

CVE-2023-36698

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36698

CVE2023-36712

https://nvd.nist.gov/vuln/detail/CVE-2023-36712

CVE-2023-38166

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38166

CVE-2023-41774

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41774

CVE-2023-41773

https://nvd.nist.gov/vuln/detail/CVE-2023-41773

CVE-2023-41771

https://nvd.nist.gov/vuln/detail/CVE-2023-41771

CVE-2023-41770

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41770

CVE-2023-41769

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41769

CVE-2023-41768

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41768

CVE-2023-41767

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41767

CVE-2023- 41765

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41765

CVE-2023-36584

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36584

CVE-2023-36431

https://nvd.nist.gov/vuln/detail/CVE-2023-36431

CVE-2023-36570

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36570

CVE-2023-36571

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36571

CVE2023-36572

https://nvd.nist.gov/vuln/detail/CVE-2023-36572

CVE-2023-36573

https://nvd.nist.gov/vuln/detail/CVE-2023-36573

CVE-2023-36575

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36575

CVE-2023-36578

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36578

CVE-2023-36579

https://nvd.nist.gov/vuln/detail/CVE-2023-36579

CVE-2023-36581

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581

CVE-2023-36582

https://nvd.nist.gov/vuln/detail/CVE-2023-36582

CVE-2023-36583

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36583

CVE-2023-36589

https://nvd.nist.gov/vuln/detail/CVE-2023-36589

CVE-2023- 36590

https://nvd.nist.gov/vuln/detail/CVE-2023-36590

CVE-2023-36591

https://nvd.nist.gov/vuln/detail/CVE-2023-36591

CVE-2023-36592

https://nvd.nist.gov/vuln/detail/CVE-2023-36592

CVE-2023-36593

https://nvd.nist.gov/vuln/detail/CVE-2023-36593

CVE-2023-36606

https://nvd.nist.gov/vuln/detail/CVE-2023-36606

CVE2023-36697

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36697

CVE-2023-35349

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35349

CVE-2023-36702

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36702

CVE-2023-36720

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36720

CVE-2023-36605

https://nvd.nist.gov/vuln/detail/CVE-2023-36605

CVE-2023-36729

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36729

CVE-2023-36725

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36725

CVE-2023-36724

https://nvd.nist.gov/vuln/detail/CVE-2023-36724

CVE-2023-36790

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36790

CVE-2023- 29348

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29348

CVE-2023-36596

https://nvd.nist.gov/vuln/detail/CVE-2023-36596

CVE-2023-36701

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36701

CVE-2023-36711

https://nvd.nist.gov/vuln/detail/CVE-2023-36711

CVE-2023-36704

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36704

CVE2023-36438

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36438

CVE-2023-36602

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36602

CVE-2023-36603

https://nvd.nist.gov/vuln/detail/CVE-2023-36603

CVE-2023-36717

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36717

CVE-2023-36718

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36718

CVE-2023-36743

https://msrc.microsoft.com/update-guide/en-US/advisory/CVE-2023-36743

CVE-2023-36776

https://nvd.nist.gov/vuln/detail/CVE-2023-36776

CVE-2023-36731

https://nvd.nist.gov/vuln/detail/CVE-2023-36731

CVE-2023-36732

https://nvd.nist.gov/vuln/detail/CVE-2023-36732

CVE-2023- 41772

https://nvd.nist.gov/vuln/detail/CVE-2023-41772