CVE-2022-21908 Windows Installer Elevation of Privilege Vulnerability.

CVE-2022-21908 Windows Installer Elevation of Privilege Vulnerability.

Microsoft has classified this as a “critical” vulnerability in their advisory. There are a couple different scenarios where this could be exploited by malicious code. The most obvious one is if an attacker were able to install an arbitrary program onto the machine. This could be done through an infected email, a drive-by download, or even just by convincing a user to click on a malicious link. Depending on the scenario, this could lead to the attacker having full access to the machine.
In addition, it’s possible that a program could be installed that had the “elevation of privilege”. For example, a program that runs at startup or a program that has administrative rights. The attacker would then have the same capabilities as the administrator.

CVE-2022-2191

This vulnerability is similar to CVE-2022-21908 in that there are a couple different ways to exploit it. If an attacker were able to install an arbitrary program on the machine, they would have full control of the machine. Similar to CVE-2022-21908, it’s also possible for an attacker to elevate their privileges through this vulnerability or for a malicious program to start running at startup.

Microsoft Edge CVE-2022-21909

Microsoft has classified this as a “critical” vulnerability in their advisory. There are a couple different scenarios where this could be exploited by malicious code. The most obvious one is if an attacker were able to install an arbitrary program onto the machine. This could be done through an infected email, a drive-by download, or even just by convincing a user to click on a malicious link. Depending on the scenario, this could lead to the attacker having full access to the machine.
In addition, it’s possible that a program could be installed that had the “elevation of privilege”. For example, a program that runs at startup or a program that has administrative rights. The attacker would then have the same capabilities as the administrator.

Microsoft Windows Information Disclosure Vulnerability – CVE-2022-21909

Microsoft has classified this as a “critical” vulnerability in their advisory. There are a couple different scenarios where this could be exploited by malicious code. The most obvious one is if an attacker were able to install an arbitrary program onto the machine. This could be done through an infected email, a drive-by download, or even just by convincing a user to click on a malicious link. Depending on the scenario, this could lead to the attacker having full access to the machine.
In addition, it’s possible that a program could be installed that had the “elevation of privilege”. For example, a program that runs at startup or a program that has administrative rights. The attacker would then have the same capabilities as the administrator.

Known Issues

Microsoft released a statement yesterday that said, “A customer with a single workstation may be able to detect and prevent an exploit by manually copying the registry key from one machine to another. However, this will not help customers on machines that are part of a domain or are in use across multiple offices.” Microsoft also said they have no plans to release a patch for this vulnerability.

The CVE-2022-21908 is a critical vulnerability (seriously?) in Windows 10 affecting all versions of Windows 10. If exploited, it could allow an attacker root access to the computer.

Windows 10 CVE-2022-21908 – Elevation of Privilege

Microsoft has classified this as a “critical” vulnerability in their advisory. There are a couple different scenarios where this could be exploited by malicious code. The most obvious one is if an attacker were able to install an arbitrary program onto the machine. This could be done through an infected email, a drive-by download, or even just by convincing a user to click on a malicious link. Depending on the scenario, this could lead to the attacker having full access to the machine.
In addition, it’s possible that a program could be installed that had the “elevation of privilege”. For example, a program that runs at startup or a program that has administrative rights. The attacker would then have the same capabilities as the administrator.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe