These two CVEs together have been assigned the name “Windows Fax Compose Form Remote Code Execution Vulnerability”.

Details

CVE-2022-26916: A code execution vulnerability has been discovered in Windows Fax Compose Form. This issue is caused by a misconfiguration of the Windows Fax Service. Once a user is tricked into sending a specially crafted fax, an attacker can use Windows Fax Service to execute arbitrary code on the target system. This vulnerability can be exploited by sending a malicious fax to a victim. An attacker can send a fax containing a malicious document that is capable of triggering code execution. The Windows Fax Service is enabled by default in Windows Vista, Windows 7 and Windows 8. This issue can be exploited by attackers remotely or through social engineering.

CVE-2022-26918: A code execution vulnerability has been discovered in Windows Fax Compose Form. This issue is caused by a misconfiguration of the Windows Fax Service. Once a user is tricked into sending a specially crafted fax, an attacker can use Windows Fax Service to execute arbitrary code on the target system. This vulnerability can be exploited by sending a malicious fax to a victim. An attacker can send a fax containing a malicious document that is capable of triggering code execution. The Windows Fax Service is enabled by default in Windows Vista, Windows 7 and Windows 8. This issue can be exploited by attackers remotely or through social engineering.

Microsoft has provided

Windows Fax Compose Form Remote Code Execution Vulnerability

In most cases, exploiting the Windows Fax Compose Form vulnerability requires tricking a user into clicking a maliciously crafted link. Clicking the link triggers the exploit, which executes arbitrary code on the user's system through the Windows Fax Service. Once the exploit succeeds, the attacker's system can gain control of the target computer’s files or data.
Affected Systems:
- Windows Vista, Windows 7, and Windows 8
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats (x86)
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2010 File Formats (x86)
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2013 File Formats (x86)
- Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2016 File Formats (x86)

Windows Fax Compose Form Remote Code Execution Vulnerability – CVE-2022-26916

The code execution vulnerability in the Windows Fax Compose Form has been assigned CVE-2022-26916. This issue is caused by a misconfiguration of the Windows Fax Service. Once a user is tricked into sending a specially crafted fax, an attacker can use Windows Fax Service to execute arbitrary code on the target system. This vulnerability can be exploited by sending a malicious fax to a victim. An attacker can send a fax containing a malicious document that is capable of triggering code execution. The Windows Fax Service is enabled by default in Windows Vista, Windows 7 and Windows 8.
Once the user receives this fax, they will become suspicious, open it, and double-check its contents for authenticity. This causes them to make changes to their operating system settings that allow attackers access over remote networks or from other devices connected to the same network. The user's computer will then act as another vector for this attack even if they don't open it. This vulnerability has been assigned the name "Windows Fax Compose Form Remote Code Execution Vulnerability".

Timeline

Published on: 04/15/2022 19:15:00 UTC
Last modified on: 04/25/2022 18:25:00 UTC

References