Skip to main content

Microsoft Windows TCP/IP Remote Code Execution Vulnerability

CVE-2022-34718 is a vulnerability that could allow an unauthenticated, remote attacker to execute code with elevated privileges on affected systems without user interaction

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

CVE-2022-34718 is a vulnerability that could allow an unauthenticated, remote attacker to execute code with elevated privileges on affected systems without user interaction


Affected platforms

The following platforms are known to be affected:

Microsoft Windows

  • Windows 11 for x64-based Systems                                                     
  • Windows 11 for ARM64-based Systems                                                     
  • Windows 10 Version 21H2 for x64-based Systems                                                     
  • Windows 10 Version 21H2 for ARM64-based Systems                                                        
  • Windows 10 Version 21H2 for 32-bit Systems                                                     
  • Windows 10 Version 21H1 for x64-based Systems                                                     
  • Windows 10 Version 21H1 for ARM64-based Systems                                                     
  • Windows 10 Version 21H1 for 32-bit Systems                                                     
  • Windows 10 Version 20H2 for x64-based Systems                                                     
  • Windows 10 Version 20H2 for ARM64-based Systems                                                     
  • Windows 10 Version 20H2 for 32-bit Systems                                                     
  • Windows 10 Version 1809 for x64-based Systems                                                     
  • Windows 10 Version 1809 for ARM64-based Systems                                                     
  • Windows 10 Version 1809 for 32-bit Systems                                                     
  • Windows 10 Version 1607 for x64-based Systems                                                     
  • Windows 10 Version 1607 for 32-bit Systems                                                     
  • Windows 10 for x64-based Systems                                                     
  • Windows 10 for 32-bit Systems                                                     
  • Windows RT 8.1                                                     
  • Windows 8.1 for x64-based systems                                                     
  • Windows 8.1 for 32-bit systems                                                     
  • Windows 7 for x64-based Systems Service Pack 1                                                     
  • Windows 7 for 32-bit Systems Service Pack 1                                                     

Threat details

Introduction

CVE-2022-34718 is a vulnerability that could allow an unauthenticated, remote attacker to execute code with elevated privileges on affected systems without user interaction.


Remediation advice

Affected organisations are required to read Microsoft's guidance Windows TCP/IP Remote Code Execution Vulnerability CVE-2022-34718 and apply the relevant updates as soon as practicable.



Last edited: 14 September 2022 3:52 pm