CVE-2022-24460 – Tablet Windows User Interface Application Elevation of Privilege Vulnerability
Released: 8/3/2022
Severity: High
Description:
A vulnerability was discovered in Microsoft Windows 10, 11, Server 2016 and Server 2022 that allows an authenticated user to escalate their privileges to system administrator. The vulnerability is in tablet mode for Windows and requires a complex procedure to exploit. Currently there are no publicly available proofs of concept that would permit widespread abuse.
Mitigations:
Keeping up to date with regular Windows updates should protect you from this vulnerability, as the fix was released in the March security update. For increased awareness of these kinds of privilege escalation attacks, monitoring the Windows event logs in a SIEM can alert you to potential threats. Brace168 offers managed SIEM services in a secure environment to detect and prevent potential threats and keep you safe.