CVE-2022-23287 Windows ALPC Elevation of Privilege Vulnerability

This is a high severity vulnerability: when a user logs into a Windows domain with a non-domain user account, they may be vulnerable to remote code execution because the non-domain user account has elevated privileges. Non-domain user accounts are generally created by system administrators and are intended for non-privileged users, such as contractors and users who need to access resources that are not accessible to other administrators. System administrators should be aware of the risk associated with non-domain user accounts and be sure to assign these accounts a minimum level of privilege. In addition, users should be careful when creating non-domain user accounts.

Affected Software

This vulnerability affects the following Microsoft products:
Microsoft Windows 10
Microsoft Windows Server 2012 R2
Microsoft Windows Server 2016

Steps to Take to Protect Yourself From This Vulnerability

System administrators should be aware of the risk associated with non-domain user accounts and be sure to assign these accounts a minimum level of privilege. In addition, users should be careful when creating non-domain user accounts.

System administrators can protect themselves from this vulnerability by updating their systems with the latest security patches, implementing secure account policies for non-domain user accounts, and periodically reviewing and updating account privileges for all users.
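
One way to carry out the periodic privilege review of non-domain accounts described above is the following script. It is an added example, not part of the original advisory or any vendor guidance, and the list of groups treated as privileged and the review labels are assumptions chosen for illustration.

```powershell
# Added example: review local (non-domain) accounts for privileged group membership.
# Needs the Microsoft.PowerShell.LocalAccounts module (Windows PowerShell 5.1); run elevated.

# Built-in groups treated as privileged here (an illustrative choice). Well-known
# SIDs are used so the check also works on localized Windows installations.
$PrivilegedGroups = [ordered]@{
    'S-1-5-32-544' = 'Administrators'
    'S-1-5-32-551' = 'Backup Operators'
    'S-1-5-32-555' = 'Remote Desktop Users'
    'S-1-5-32-580' = 'Remote Management Users'
}

function Get-LocalAccountPrivilegeReport {
    # Map every member SID to the privileged groups it belongs to.
    $membership = @{}
    foreach ($groupSid in $PrivilegedGroups.Keys) {
        try {
            $members = @(Get-LocalGroupMember -SID $groupSid -ErrorAction Stop)
        } catch {
            # Group missing on this edition, or its membership cannot be read.
            Write-Warning "Skipping $($PrivilegedGroups[$groupSid]): $($_.Exception.Message)"
            continue
        }
        foreach ($member in $members) {
            $key = $member.SID.Value
            if (-not $membership.ContainsKey($key)) { $membership[$key] = @() }
            $membership[$key] += $PrivilegedGroups[$groupSid]
        }
    }

    # Get-LocalUser returns only accounts defined on this machine.
    foreach ($user in Get-LocalUser) {
        $groups = @()
        if ($membership.ContainsKey($user.SID.Value)) { $groups = $membership[$user.SID.Value] }
        $findings = @()
        if ($user.Enabled -and $groups.Count -gt 0) { $findings += 'privileged local account' }
        if ($user.Enabled -and -not $user.PasswordRequired) { $findings += 'password not required' }
        [pscustomobject]@{
            Name             = $user.Name
            Enabled          = $user.Enabled
            PrivilegedGroups = $groups -join ', '
            LastLogon        = $user.LastLogon
            Review           = $findings -join '; '
        }
    }
}

Get-LocalAccountPrivilegeReport | Sort-Object Name | Format-Table -AutoSize
```

Accounts with a non-empty Review column are the ones to compare against the minimum privilege they actually need; membership gained through nested local groups is not resolved by this script.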

Vulnerability Details

This vulnerability arises because a user who logs into a Windows domain with a non-domain user account may be vulnerable to remote code execution. To exploit this vulnerability, an attacker would first need to obtain the credentials of a user who has been granted the privilege to access resources on the system. Non-domain users are generally created by system administrators and are intended for non-privileged users, such as contractors and users who need to access resources that are not accessible to other administrators.
