KLA12549 RCE vulnerability in Microsoft Windows

A remote code execution vulnerability was found in Microsoft Windows. Malicious users can exploit this vulnerability to execute arbitrary code.

Original advisories

CVE-2022-30190

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows

Microsoft-Windows-Server

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Windows-RT

Microsoft-Windows-10

Microsoft-Azure

Microsoft-Windows-Server-2016

Microsoft-Windows-Server-2019

CVE list

CVE-2022-30190 critical

KB list

5014702

5014699

5014692

5014710

5014678

5014738

5014697

5014746

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

• ACE

Arbitrary code execution. Exploitation of vulnerabilities with this impact can lead to executing by abuser any code or commands at vulnerable machine or process.

• OSI

Obtain sensitive information. Exploitation of vulnerabilities with this impact can lead to capturing by abuser information, critical for user or system.

Affected Products

• Windows 10 Version 20H2 for ARM64-based SystemsWindows Server 2019 (Server Core installation)Windows 10 Version 20H2 for x64-based SystemsWindows 10 Version 1809 for 32-bit SystemsWindows 8.1 for 32-bit systemsWindows 10 Version 21H1 for 32-bit SystemsWindows 10 Version 1809 for x64-based SystemsWindows Server 2012 R2Windows Server, version 20H2 (Server Core Installation)Windows Server 2016Windows Server 2019Windows 10 Version 21H2 for 32-bit SystemsWindows Server 2012 (Server Core installation)Windows 10 for x64-based SystemsWindows Server 2016 (Server Core installation)Windows 10 Version 21H1 for ARM64-based SystemsWindows RT 8.1Windows Server 2022Windows 10 Version 21H1 for x64-based SystemsWindows 10 Version 21H2 for ARM64-based SystemsWindows 10 Version 1607 for 32-bit SystemsWindows Server 2022 (Server Core installation)Windows 11 for ARM64-based SystemsWindows 11 for x64-based SystemsWindows 10 for 32-bit SystemsWindows Server 2012Windows 10 Version 21H2 for x64-based SystemsWindows 10 Version 1809 for ARM64-based SystemsWindows 8.1 for x64-based systemsWindows 10 Version 1607 for x64-based SystemsWindows Server 2012 R2 (Server Core installation)Windows 10 Version 20H2 for 32-bit SystemsWindows Server 2022 Azure Edition Core HotpatchMicrosoft Windows Support Diagnostic Tool (MSDT)