ZDI-22-1185 - Microsoft Windows, Microsoft Windows 7 and Microsoft Windows Server 2008

September 6, 2022

Critical 8.4

This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of Microsoft Windows Active Directory Certificate Services. Authentication is required to exploit this vulnerability.

Affected software

Microsoft Windows

Microsoft Windows 7

Microsoft Windows Server 2008

Microsoft Windows Server 2012

Microsoft Windows 10

Microsoft Windows Server 2019

Microsoft Windows Server 2022

Microsoft Windows Server 2016

Microsoft Windows Rt 8.1

Microsoft Windows 8.1

Microsoft Windows 11

Reference links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-34691
http://www.zerodayinitiative.com/advisories/ZDI-22-1185/

ZDI-22-1185 - Microsoft Windows, Microsoft Windows 7 and Microsoft Windows Server 2008

Affected software

Reference links

Get alerted to vulnerabilities in your software