Multiple vulnerabilities in Microsoft Windows Graphics Component



| Updated: 2023-04-25
Risk Low
Patch available YES
Number of vulnerabilities 6
CVE-ID CVE-2022-41121
CVE-2022-44697
CVE-2022-44680
CVE-2022-44679
CVE-2022-44671
CVE-2022-41074
CWE-ID CWE-822
CWE-476
CWE-264
CWE-200
CWE-416
Exploitation vector Local
Public exploit N/A
Vulnerable software
Windows
Operating systems & Components / Operating system

Windows Server
Operating systems & Components / Operating system

Remote Desktop client for Windows Desktop
Other software / Other software solutions

Vendor Microsoft

Security Bulletin

This security bulletin contains information about 6 vulnerabilities.

1) Untrusted Pointer Dereference

EUVDB-ID: #VU70157

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-41121

CWE-ID: CWE-822 - Untrusted Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper input validation within the StretchBlt and PlgBlt graphics primitives. A local user can run a specially crafted program to trigger an untrusted pointer dereference and execute arbitrary code with SYSTEM privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - 11

Windows Server: 2008 R2 - 2022 10.0.20348.202

Remote Desktop client for Windows Desktop: All versions

CPE2.3 External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41121
http://www.zerodayinitiative.com/advisories/ZDI-22-1694/
http://www.zerodayinitiative.com/advisories/ZDI-22-1693/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) NULL pointer dereference

EUVDB-ID: #VU70163

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-44697

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error within the win32kfull driver. A local user can run a specially crafted program and perform a denial of service (DoS) attack.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - 11

Windows Server: 2008 R2 - 2022 10.0.20348.202

Remote Desktop client for Windows Desktop: All versions

CPE2.3 External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44697
http://www.zerodayinitiative.com/advisories/ZDI-22-1675/
http://www.zerodayinitiative.com/advisories/ZDI-23-476/
http://www.zerodayinitiative.com/advisories/ZDI-23-475/
http://www.zerodayinitiative.com/advisories/ZDI-23-474/
http://www.zerodayinitiative.com/advisories/ZDI-23-473/
http://www.zerodayinitiative.com/advisories/ZDI-23-472/
http://www.zerodayinitiative.com/advisories/ZDI-23-471/
http://www.zerodayinitiative.com/advisories/ZDI-23-470/
http://www.zerodayinitiative.com/advisories/ZDI-23-469/
http://www.zerodayinitiative.com/advisories/ZDI-23-468/
http://www.zerodayinitiative.com/advisories/ZDI-23-467/
http://www.zerodayinitiative.com/advisories/ZDI-23-466/
http://www.zerodayinitiative.com/advisories/ZDI-23-465/
http://www.zerodayinitiative.com/advisories/ZDI-23-464/
http://www.zerodayinitiative.com/advisories/ZDI-23-463/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU70162

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-44680

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to application does not properly impose security restrictions in the Windows Graphics Component, which leads to security restrictions bypass and privilege escalation.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 8.1 RT - 11

Windows Server: 2012 R2 - 2022 10.0.20348.202

CPE2.3 External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44680


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU70160

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-44679

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the Windows Graphics Component. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 8.1 RT - 11

Windows Server: 2012 R2 - 2022 10.0.20348.202

Remote Desktop client for Windows Desktop: All versions

CPE2.3 External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44679


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Use-after-free

EUVDB-ID: #VU70159

Risk: Low

CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-44671

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the GreDrawStream function. A local user can run a specially crafted program to trigger a use-after-free error and execute arbitrary code with SYSTEM privileges.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 10 Gold - 11

Windows Server: 2019 10.0.17763.1 - 2022 10.0.20348.202

CPE2.3 External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-44671
http://www.zerodayinitiative.com/advisories/ZDI-22-1692/


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Information disclosure

EUVDB-ID: #VU70158

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-41074

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to potentially sensitive information.

The vulnerability exists due to excessive data output by the application in the Windows Graphics Component. A local user can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Windows: 7 - 11

Windows Server: 2008 R2 - 2022 10.0.20348.202

Remote Desktop client for Windows Desktop: All versions

CPE2.3 External links

http://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41074


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###