The remote Windows host is missing security update 5017328. It is, therefore, affected by multiple vulnerabilities
– Certain Arm Cortex and Neoverse processors through 2022-03-08 do not properly restrict cache speculation, aka Spectre-BHB. An attacker can leverage the shared branch history in the Branch History Buffer (BHB) to influence mispredicted branches. Then, cache allocation can allow the attacker to obtain sensitive information. (CVE-2022-23960)
– Windows Photo Import API Elevation of Privilege Vulnerability (CVE-2022-26928)
– Windows Credential Roaming Service Elevation of Privilege Vulnerability (CVE-2022-30170)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.Read More