The remote Windows host is missing security update 5028169. It is, therefore, affected by multiple vulnerabilities

  - Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability (CVE-2023-35365,     CVE-2023-35366, CVE-2023-35367)

  - Windows Netlogon Information Disclosure Vulnerability (CVE-2023-21526)

  - Windows Win32k Elevation of Privilege Vulnerability (CVE-2023-21756)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

KB5028169: Windows 10 Version 1607 and Windows Server 2016 Security Update (July 2023)

critical Nessus Plugin ID 178152

Version 1.6

Version 1.5

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.0

Version 1.6 Jun 17, 2024, 3:35 PM Plugin metadata (add more granular CPEs to Windows OS plugins) Plugin Feed: 202406171535
Version 1.5 Nov 1, 2023, 1:41 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C". "CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202311011341
Version 1.4 Sep 28, 2023, 4:12 PM Exploit attributes ("Exploit framework metasploit" set to "True") Plugin Feed: 202309281612
Version 1.3 Sep 4, 2023, 4:15 PM Exploit attributes ("Exploit framework core" set to "True") Plugin Feed: 202309041615
Version 1.2 Aug 11, 2023, 2:16 PM IAVM reference Plugin Feed: 202308111416
Version 1.1 Jul 13, 2023, 8:04 PM IAVM reference STIG Severity (set to "I") Plugin Feed: 202307132004
Version 1.0 Jul 11, 2023, 11:35 PM New Plugin Feed: 202307112335