PT-2022-5391 · Microsoft · Windows
Benoît Sevens +1 · Published 2022-11-08 · Updated 2025-12-10 · CVE-2022-41128
CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Microsoft Windows versions prior to 10.0.10240.19567
Microsoft Windows 10 1507 versions prior to 10.0.10240.19567
Microsoft Windows 10 1607 versions prior to 10.0.14393.5501
Microsoft Windows 10 1809 versions prior to 10.0.17763.3650
Microsoft Windows 10 20h2 versions prior to 10.0.19042.2251
Microsoft Windows 10 21h1 versions prior to 10.0.19043.2251
Description
This is a remote code execution vulnerability in Windows Scripting Languages. It allows remote attackers to execute arbitrary code on the affected system. The vulnerability was exploited by the North Korean group known as APT37 in targeted attacks on their South Korean neighbors. The attackers embedded malicious software in documents referencing a recent mass incident in Itaewon, Seoul. The vulnerability was used to deliver malicious software or execute arbitrary code when a website controlled by the attacker was displayed. The estimated number of potentially affected devices is not specified.
Recommendations
For Microsoft Windows versions prior to 10.0.10240.19567, update to a version newer than 10.0.10240.19567.
For Microsoft Windows 10 1507 versions prior to 10.0.10240.19567, update to a version newer than 10.0.10240.19567.
For Microsoft Windows 10 1607 versions prior to 10.0.14393.5501, update to a version newer than 10.0.14393.5501.
For Microsoft Windows 10 1809 versions prior to 10.0.17763.3650, update to a version newer than 10.0.17763.3650.
For Microsoft Windows 10 20h2 versions prior to 10.0.19042.2251, update to a version newer than 10.0.19042.2251.
For Microsoft Windows 10 21h1 versions prior to 10.0.19043.2251, update to a version newer than 10.0.19043.2251.
Fix
RCE
Memory Corruption
Code Injection
Buffer Overflow
Related Identifiers
Affected Products
Windows