QID 91947
Date Published: 2022-09-14
QID 91947: Microsoft Windows Transmission Control Protocol/Internet Protocol (TCP/IP) Remote Code Execution (RCE) Vulnerability
Microsoft has released updated affecting Windows TCP/IP implementation to fix a Remote Code Excution Vulnerability.
The vulnerability is applicable if IPSec service is running. Hosts are not affected if IPv6 is disabled on it.
QID Detection Logic (Authenticated):
Operating Systems: Windows Server 2012, Windows 8.1, Windows Server 2008, Windows Server 2016, Windows 10, Windows 7, Windows Server 2019, Windows Server 2022, Windows 11
The KB Articles associated with the update:
The patch version is 6.3.9600.20564 (KB5017367)
The patch version is 6.0.6003.21661 (KB5017358)
The patch version is 6.0.6003.21661 (KB5017371)
The patch version is 10.0.14393.5356 (KB5017305)
The patch version is 6.2.9200.23861 (KB5017370)
The patch version is 6.2.9200.23861 (KB5017377)
The patch version is 6.3.9600.20564 (KB5017365)
The patch version is 6.1.7601.26111 (KB5017361)
The patch version is 6.1.7601.26111 (KB5017373)
The patch version is 10.0.10240.19444 (KB5017327)
The patch version is 10.0.17763.3406 (KB5017315)
The patch version is 10.0.19041.2006 (KB5017308)
The patch version is 10.0.20348.1006 (KB5017316)
The patch version is 10.0.22000.978 (KB5017328)
This QID checks for the file version of ntoskrnl.exe. The QID additionally checks if IPv6 and IPSec is enabled on the host.
Successful exploitation of the vulnerability will allow remote code execution.
- CVE-2022-34718 -
msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34718
CVEs related to QID 91947
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| CVE-2022-34718 |
msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-34718 |