CVE-2022-23283 Windows ALPC Elevation of Privilege Vulnerability

This vulnerability allows remote attackers to execute code on vulnerable systems. Authentication is required to exploit this vulnerability. Hosts affected by this vulnerability include Windows 8, Windows 7, Windows Server 2012, Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP, Windows 2000, Windows NT, Windows ME, and Windows-EMR. The update addresses the following issues: Addresses denial of service when a Windows application calls an ALPC-based RPC endpoint with a long name. Addresses an elevation of privilege vulnerability that could allow an attacker to execute code on an affected system.

CVE-2022-23287 VBScript Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24505.

Originally discovered by the Microsoft Vulnerability Research team and privately reported, this vulnerability allows remote attackers to execute arbitrary code on vulnerable Windows 7, Windows Server 2012, Windows 8, Windows Server 2012 R2, Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003, Windows 2000, Windows NT, Windows ME, and Windows-EMR systems. The vulnerability exists due to a flaw in Microsoft Scripting Engine VBScript. Authentication is not required to exploit this vulnerability. Hosts affected by this vulnerability include Windows 7, Windows Server 2012, Windows 8, Windows Server 2012 R2, Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003, Windows 2000, Windows NT, Windows ME, and Windows-EMR. The update addresses the

Browsers and Email Clients

Internet Explorer Multiple Remote Code Execution Vulnerabilities .

This vulnerability allows remote attackers to execute arbitrary code on vulnerable systems. Authentication is required to exploit this vulnerability. Hosts affected by this vulnerability include Windows 7, Windows Server 2012, Windows Server 2008, Windows Vista, Windows Server 2003, Windows XP, and Windows 2000. The update addresses the following issues: Addresses a denial of service when a third-party VBScript engine parses an empty string as an empty or non-existent array
Addresses an elevation of privilege vulnerability that could allow an attacker to execute code on an affected system

Windows 7, Windows 8, and Windows Server 2012 R2

This Microsoft update addresses a denial of service vulnerability in the Windows application-level scripting engine when a Windows application calls an ALPC-based RPC endpoint with a long name. The update also addresses an elevation of privilege vulnerability that could allow an attacker to execute code on an affected system.
Windows 8, Windows Server 2012, and Windows Server 2012 R2 are not directly addressed by this update; however, they are indirectly impacted due to how Microsoft Scripting Engine VBScript handles certain types of operations. The update is available for Windows 7 and Windows Server 2008.

Description of VBScript Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable Windows 7, Windows Server 2012, Windows 8, Windows Server 2012 R2, Windows Vista, Windows Server 2008, Windows XP, Windows Server 2003, Windows 2000, Windows NT, Windows ME, and Window-EMR systems. The vulnerability exists due to a flaw in Microsoft Scripting Engine VBScript. Authentication is not required to exploit this vulnerability. Hosts affected by this vulnerability include:

Windows 7 (MS11-078)
Windows 8 (MS12-014)
Windows 8.1 (MS14-023)
Windows 10 (MS16-009)
Windows Server 2012
Windows Server 2012 R2
Windows Vista
Windows Server 2008
Windows XP
Windows Server 2003
Microsoft Office 2007 SP3 x86/x64 Edition
Microsoft Office 2010 SP2 x86/x64 Edition

Solution overview:

The update addresses the vulnerabilities by correcting how Microsoft Scripting Engine VBScript handles specially crafted data. This vulnerability is unique from CVE-2022-24505.

Timeline

Published on: 03/09/2022 17:15:00 UTC
Last modified on: 05/23/2022 17:29:00 UTC