CVE number = CVE-2022-41121
This vulnerability allows local attackers to elevate privileges on affected installations of Microsoft Windows.
An attacker must first obtain the ability to execute low-privilege code on the target system in order to exploit this vulnerability.
The specific flaw exists in the implementation of the graphics primitive PlgBlt.
The problem results from not properly validating a user-supplied value before dereferencing it as a pointer.
An attacker can exploit this vulnerability to elevate privileges and execute arbitrary code in the context of SYSTEM.
Microsoft has released an update to address this vulnerability.
More details can be found at:
UK based technology professional with an interest in IT security and telecommunications.