Cybersecurity Alerts

Microsoft Windows CNG Key Isolation Service Privilege Escalation Vulnerability

Microsoft Windows Cryptographic Next Generation (CNG) Key Isolation Service contains an unspecified vulnerability that allows an attacker to gain SYSTEM-level privileges.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-787

References

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-41125
• https://nvd.nist.gov/vuln/detail/CVE-2022-41125