The remote Windows host is missing security update 5044285. It is, therefore, affected by multiple vulnerabilities

  - libcurl's ASN1 parser has this utf8asn1str() function used for parsing an ASN.1 UTF-8 string. Itcan detect     an invalid field and return error. Unfortunately, when doing so it also invokes `free()` on a 4 byte     localstack buffer. Most modern malloc implementations detect this error and immediately abort. Some     however accept the input pointer and add that memory to its list of available chunks. This leads to the     overwriting of nearby stack memory. The content of the overwrite is decided by the `free()`     implementation; likely to be memory pointers and a set of flags. The most likely outcome of exploting this     flaw is a crash, although it cannot be ruled out that more serious results can be had in special     circumstances. (CVE-2024-6197)   
  - Remote Desktop Client Remote Code Execution Vulnerability (CVE-2024-43599)

  - An attacker could exploit a use after free vulnerability within the OS SAPI component to execute     arbitrary code in the context of the compromised user to disclose sensitive information, compromise     system integrity or impact the availability of the victim's system. (CVE-2024-43574)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

KB5044285: Windows 11 version 22H2 / 23H2 Security Update (October 2024)

high Nessus Plugin ID 208304

Version 1.8

Version 1.7

Version 1.6

Version 1.5

Version 1.3

Version 1.2

Version 1.1

Version 1.8 Nov 18, 2024, 11:10 PM Plugin metadata (added CVE) Plugin Feed: 202411182310
Version 1.7 Nov 15, 2024, 3:52 PM IAVM reference Plugin Feed: 202411151552
Version 1.6 Nov 1, 2024, 3:44 PM CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:H/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:H/RL:O/RC:C") Exploit attributes ("Exploited by malware" set to "True") Plugin Feed: 202411011544
Version 1.5 Oct 11, 2024, 5:40 PM IAVM reference STIG Severity (set to "I") Plugin Feed: 202410111740
Version 1.3 Oct 9, 2024, 10:24 PM CISA reference CVSS temporal metrics ("CVSSv2 temporal vector" set to "CVSS2#E:F/RL:OF/RC:C") CVSS temporal metrics ("CVSSv3 temporal vector" set to "CVSS:3.0/E:F/RL:O/RC:C") Plugin Feed: 202410092224
Version 1.2 Oct 9, 2024, 8:53 AM CVSS metrics ("CVSSv2 score" set to 10.0) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") CVSS metrics ("CVSSv3 score" set to 8.8) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H") CVSSv2 score source (changed from "CVE-2024-6197" to "CVE-2024-43599") Plugin Feed: 202410090853
Version 1.1 Oct 8, 2024, 10:36 PM New Plugin Feed: 202410082236