Microsoft IME Japanese Privilege Escalation Vulnerability
Project:Microsoft
Product:Input Method Editor (IME) Japanese
Date Added:2022-05-25Due Date::2022-06-15
Vulnerability Name
Microsoft IME Japanese Privilege Escalation Vulnerability
Description
Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2014-4077