Windows · Fixed build

10.0.22000.2600

31 CVEs fixed by this build, deployed across 2 Windows SKUs.

Published on: 2021-06-08
SKUs covered: 2
CVEs fixed: 31

Windows SKUs covered by this build

The SKUs below share this MSRC build number. Deploying the corresponding KB secures all of them at once.

CISA KEV: 4
Critical: 2
High: 28
NVD pending: 0

CVEs fixed by this build

CVE	Severity	KEV	Published	Description
CVE-2023-36025 2023-11-14 KEV Windows SmartScreen Security Feature Bypass Vulnerability	HIGH 8.8	KEV	2023-11-14	Windows SmartScreen Security Feature Bypass Vulnerability
CVE-2023-36036 2023-11-14 KEV Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability	HIGH 7.8	KEV	2023-11-14	Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2023-36424 2023-11-14 KEV Windows Common Log File System Driver Elevation of Privilege Vulnerability	HIGH 7.8	KEV	2023-11-14	Windows Common Log File System Driver Elevation of Privilege Vulnerability
CVE-2023-36033 2023-11-14 KEV Windows DWM Core Library Elevation of Privilege Vulnerability	HIGH 7.8	KEV	2023-11-14	Windows DWM Core Library Elevation of Privilege Vulnerability
CVE-2023-36397 2023-11-14 Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability	CRITICAL 9.8	—	2023-11-14	Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-36028 2023-11-14 Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability	HIGH 9.8	—	2023-11-14	Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability
CVE-2023-36423 2023-11-14 Microsoft Remote Registry Service Remote Code Execution Vulnerability	HIGH 8.8	—	2023-11-14	Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVE-2023-36017 2023-11-14 Windows Scripting Engine Memory Corruption Vulnerability	HIGH 8.8	—	2023-11-14	Windows Scripting Engine Memory Corruption Vulnerability
CVE-2023-36402 2023-11-14 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability	HIGH 8.8	—	2023-11-14	Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-36400 2023-11-14 Windows HMAC Key Derivation Elevation of Privilege Vulnerability	CRITICAL 8.8	—	2023-11-14	Windows HMAC Key Derivation Elevation of Privilege Vulnerability
CVE-2023-36425 2023-11-14 Windows Distributed File System (DFS) Remote Code Execution Vulnerability	HIGH 8.0	—	2023-11-14	Windows Distributed File System (DFS) Remote Code Execution Vulnerability
CVE-2023-36705 2023-11-14 Windows Installer Elevation of Privilege Vulnerability	HIGH 7.8	—	2023-11-14	Windows Installer Elevation of Privilege Vulnerability
CVE-2023-36408 2023-11-14 Windows Hyper-V Elevation of Privilege Vulnerability	HIGH 7.8	—	2023-11-14	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2023-36407 2023-11-14 Windows Hyper-V Elevation of Privilege Vulnerability	HIGH 7.8	—	2023-11-14	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2023-36393 2023-11-14 Windows User Interface Application Core Remote Code Execution Vulnerability	HIGH 7.8	—	2023-11-14	Windows User Interface Application Core Remote Code Execution Vulnerability
CVE-2023-36047 2023-11-14 Windows Authentication Elevation of Privilege Vulnerability	HIGH 7.8	—	2023-11-14	Windows Authentication Elevation of Privilege Vulnerability
CVE-2023-36719 2023-11-14 Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability	HIGH 7.8	—	2023-11-14	Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability
CVE-2023-36401 2023-11-14 Microsoft Remote Registry Service Remote Code Execution Vulnerability	HIGH 7.2	—	2023-11-14	Microsoft Remote Registry Service Remote Code Execution Vulnerability
CVE-2023-36399 2023-11-14 Windows Storage Elevation of Privilege Vulnerability	HIGH 7.1	—	2023-11-14	Windows Storage Elevation of Privilege Vulnerability
CVE-2023-36046 2023-11-14 Windows Authentication Denial of Service Vulnerability	HIGH 7.1	—	2023-11-14	Windows Authentication Denial of Service Vulnerability
CVE-2023-36427 2023-11-14 Windows Hyper-V Elevation of Privilege Vulnerability	HIGH 7.0	—	2023-11-14	Windows Hyper-V Elevation of Privilege Vulnerability
CVE-2023-36405 2023-11-14 Windows Kernel Elevation of Privilege Vulnerability	HIGH 7.0	—	2023-11-14	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36403 2023-11-14 Windows Kernel Elevation of Privilege Vulnerability	HIGH 7.0	—	2023-11-14	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-36394 2023-11-14 Windows Search Service Elevation of Privilege Vulnerability	HIGH 7.0	—	2023-11-14	Windows Search Service Elevation of Privilege Vulnerability
CVE-2023-36398 2023-11-14 Windows NTFS Information Disclosure Vulnerability	HIGH 6.5	—	2023-11-14	Windows NTFS Information Disclosure Vulnerability
CVE-2023-36428 2023-11-14 Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability	HIGH 5.5	—	2023-11-14	Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability
CVE-2023-36406 2023-11-14 Windows Hyper-V Information Disclosure Vulnerability	HIGH 5.5	—	2023-11-14	Windows Hyper-V Information Disclosure Vulnerability
CVE-2023-36404 2023-11-14 Windows Kernel Information Disclosure Vulnerability	HIGH 5.5	—	2023-11-14	Windows Kernel Information Disclosure Vulnerability
CVE-2023-24023 2025-09-01 Indexed via Android Security Bulletin; full NVD metadata pending.	HIGH	—	2025-09-01	Indexed via Android Security Bulletin; full NVD metadata pending.
CVE-2023-38545 2023-10-10 Hackerone: CVE-2023-38545 SOCKS5 heap buffer overflow	HIGH	—	2023-10-10	Hackerone: CVE-2023-38545 SOCKS5 heap buffer overflow
CVE-2023-38039 2023-10-10 Hackerone: CVE-2023-38039 HTTP headers eat all memory	LOW	—	2023-10-10	Hackerone: CVE-2023-38039 HTTP headers eat all memory