QID 91957

Date Published: 2022-11-09

QID 91957: Microsoft Windows Server Elevation of Privilege Vulnerability for November 2022

Microsoft Windows Security Update - November 2022

QID Detection Logic (Authenticated):
Operating Systems: The KB Articles associated with the update:
KB5020000
KB5020013
KB5020019
KB5020005
KB5019081
KB5019966
KB5019964
KB5020023
KB5020010
KB5020009
KB5020003

This QID checks for the file version of ntoskrnl.exe.

Successful exploit could compromise Confidentiality, Integrity and Availability

  • CVSS V3 rated as Critical - 8.1 severity.
  • CVSS V2 rated as Critical - 10 severity.
    • Solution
    Please refer to the Following KB Articles associated with the update:
    KB5020000
    KB5020013
    KB5020019
    KB5020005
    KB5019081
    KB5019966
    KB5019964
    KB5020023
    KB5020010
    KB5020009
    KB5020003
    Vendor References

    CVEs related to QID 91957

    CVE-2022-38023 | CVE-2022-37966 | CVE-2022-37967 |
    Software Advisories
    Advisory ID Software Component Link
    KB5019081 URL Logo support.microsoft.com/en-in/help/5019081
    KB5019964 URL Logo support.microsoft.com/en-in/help/5019964
    KB5019966 URL Logo support.microsoft.com/en-in/help/5019966
    KB5020000 URL Logo support.microsoft.com/en-in/help/5020000
    KB5020003 URL Logo support.microsoft.com/en-in/help/5020003
    KB5020005 URL Logo support.microsoft.com/en-in/help/5020005
    KB5020009 URL Logo support.microsoft.com/en-in/help/5020009
    KB5020010 URL Logo support.microsoft.com/en-in/help/5020010
    KB5020013 URL Logo support.microsoft.com/en-in/help/5020013
    KB5020019 URL Logo support.microsoft.com/en-in/help/5020019
    KB5020023 URL Logo support.microsoft.com/en-in/help/5020023
    By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].