ZDI-22-1285 - Microsoft Windows, Microsoft Windows 7 and Microsoft Windows Server 2022

September 19, 2022

Moderate 7.0

This vulnerability allows local attackers to escalate privileges on affected installations of Microsoft Windows. This vulnerability is dependent upon a Group Policy setting, and an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

Affected software

Microsoft Windows

Microsoft Windows 7

Microsoft Windows Server 2022

Microsoft Windows 10

Microsoft Windows Server 2012

Microsoft Windows 11

Microsoft Windows 8.1

Microsoft Windows Server 2016

Microsoft Windows Server 2019

Microsoft Windows Server 2008

Reference links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37955
http://www.zerodayinitiative.com/advisories/ZDI-22-1285/

ZDI-22-1285 - Microsoft Windows, Microsoft Windows 7 and Microsoft Windows Server 2022

Affected software

Reference links

Get alerted to vulnerabilities in your software