CVE-2022-21971 Windows Runtime Remote Code Execution Vulnerability.

CVE-2022-21971 Windows Runtime Remote Code Execution Vulnerability.

This security issue was discovered by security researcher Mohamed Ghannam from VERTEX. It affects all versions of Windows, including the latest Windows 10 Fall Creators update. The vulnerability lies in the way that Windows handles loading C++ files with the Win32 API. An attacker could create a specially-crafted image file in such a way that it could exploit this vulnerability. An attacker could then trick a user on a targeted computer into opening this malicious file. If the user then attempts to load any C++ file that was created by using the Win32 API, then this vulnerability could allow an attacker to execute arbitrary code on the user’s computer. To exploit this vulnerability, an attacker would need to convince a user to open a specially-crafted image file. An attacker could then trick a user on a targeted computer into opening this malicious file.

Vulnerability overview

A vulnerability has been discovered in Windows that allows attackers to execute arbitrary code on a targeted computer. The vulnerability lies in the way that Windows handles loading C++ files with the Win32 API. An attacker could create a specially-crafted image file in such a way that it could exploit this vulnerability. An attacker could then trick a user on a targeted computer into opening this malicious file. If the user then attempts to load any C++ file that was created by using the Win32 API, then this vulnerability could allow an attacker to execute arbitrary code on the user’s computer.

Microsoft Windows Product Codes

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe