CVE-2022-21882

Name of the Vulnerable Software and Affected Versions Windows 10 (affected versions not specified) Windows 11 (affected versions not specified) Windows Server 2019 (affected versions not specified) Windows Server 2022 (affected versions not specified)

Description An elevation of privilege issue exists in the Win32k component (win32k.sys) of the Windows NT kernel due to improper access control and a use-after-free flaw. A use-after-free occurs when a program continues to use a pointer after it has been freed, which can lead to memory corruption. By manipulating window objects and their lifetime, an attacker can force the kernel to operate on a freed object under their control, enabling arbitrary kernel read/write capabilities to swap the current process token with the SYSTEM token. This issue has been actively exploited in real-world incidents, including use by ransomware for network propagation.

Recommendations Apply the updates provided by Microsoft in the January Tuesday updates for Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022.