CVE-2022-41125 - Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability

Vulnerability Name

Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability

Description

Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41125

https://nvd.nist.gov/vuln/detail/CVE-2022-41125