Microsoft released an update for this vulnerability on March 7, 2019. This update fixes the vulnerability by changing the way how the Microsoft DWM Core Library handles Active X controls in Microsoft Internet Explorer. If you are using Microsoft Internet Explorer on Windows 10, Windows 10 version 1803, Windows 10 version 1703, Windows 10 version 1607, Windows 10 version 1511, or Windows 10 version 1403, you can manually update your system to the latest version by following the steps below. Go to Settings > Windows Update and select Check for updates. Click on the Install button and accept the update when it is offered to you. After the update has been installed, you will need to restart your computer in order to apply the changes made by this update. This issue has been resolved in the latest version of Microsoft DWM Core Library released for Windows 10 version 1803, Windows 10 version 1703, Windows 10 version 1607, Windows 10 version 1511, or Windows 10 version 1403. You can upgrade to the latest version by installing the update from Windows Update. If you cannot upgrade your system to the latest version or if you do not want to update your system automatically, you can download the Microsoft DWM Core Library from the Microsoft Download Center and install it manually. After you have installed the Microsoft DWM Core Library, you will need to reboot your computer to make the changes take effect.
Microsoft Windows 10 versions affected
Microsoft has released this update for Windows 10 versions affected by CVE-2022-37983. Below are the impacted versions of Windows 10:
Windows 10 version 1803 (April 8, 2018)
Windows 10 version 1703 (November 14, 2017)
Windows 10 version 1607 (July 2016)
Windows 10 version 1511 (October 2015)
Windows 10 version 1403 (July 2015)
Update your Microsoft DWM Core Library
If you are affected by this vulnerability and want to update your system to the latest version on a computer that is running Windows 10, Windows 10 version 1803, Windows 10 version 1703, Windows 10 version 1607, Windows 10 version 1511, or Windows 10 version 1403, follow these steps:
1. Go to Settings > Update and Security > Check for updates. Click on the Install button and accept the update when it is offered.
2. After the update has been installed, you will need to restart your computer in order to apply the changes made by this update.
3. If you cannot upgrade your system to the latest version or if you do not want to update your system automatically, you can download the Microsoft DWM Core Library from the Microsoft Download Center and install it manually.
How to update Microsoft DWM Core Library manually
Step 1: Download the Microsoft DWM Core Library from the Microsoft Download Center
Step 2: Open the downloaded file and run the extracted folder to install the Microsoft DWM Core Library
Step 3: After installation is complete, reboot your computer
Step 4: Verify that you are using the latest version of Microsoft DWM Core Library by going to Start > Control Panel > Programs > Programs and Features
Step 5: Check for updates in Windows Update to make sure your system is up-to-date
Microsoft DWM Core Library Installation
1. Open the Microsoft Download Center and find the Microsoft DWM Core Library for your version of Windows 10.
2. Right-click on the file and select "Save as".
3. If a window pops up asking where you want to save the file, choose a place on your computer that is easy to remember or open another program (such as Notepad) so that you can create a text file and save it there.
4. After you have saved your text file, double-click it to open it in Notepad or whatever program you used to save it.
5. Copy and paste all of the code from this section into that text document, then save it again with a new name like "Microsoft DWM Core Library - (Year)". For example, if you saved this file in Notepad as "Microsoft DWM Core Library - 2019", then rename the file to "Microsoft DWM Core Library - 2019" after copying and pasting all of the code from this section into that text document instead of renaming it directly after saving it for the first time like I did in this tutorial.
6. Double-click on your newly renamed text document to open it up in Notepad or whatever program you used to save it again and click File > Save As so that your newly renamed text document will be saved as an .exe file instead of a .txt document.
7a. If you are updating a legacy installation (one downloaded through
Microsoft DWM Core Library: What is it and why should you care?
Microsoft DWM Core Library is a software package that provides the core library used by Microsoft's Desktop Window Manager (DWM) and Microsoft Internet Explorer. The vulnerability, CVE-2022-37983, was discovered in March 2019. It is a remotely exploitable denial of service vulnerability which could allow an attacker to execute arbitrary code on the target system. This update fixes this vulnerability.
For more information on how to protect your system against security vulnerabilities like this one, see the following article:
http://www.microsoft.com/security/pc-security/mitigation-for-microsoft-internet-explorer-vulnerabilities
Timeline
Published on: 10/11/2022 19:15:00 UTC
Last modified on: 10/11/2022 19:16:00 UTC