Skip to Main Content

Anatomy of an exploit in Windows win32k – CVE-2022-21882

A new manipulation technique of window objects in kernel memory that leads to privilege escalation. The Avira Threat Protection Labs is a dedicated team, with members based around the world. Its research focuses on emerging and developing cyberthreats. Researchers from this team investigated a patched Common Vulnerability and Exposure (commonly referred to as a CVE)

When the world started to work-from-home, cybercriminals changed their focus. VPN technology, such as Pulse Secure’s Connect VPN, became a focus of attacks. For example, vphishing (voice phishing) is widely used in an attempt to steal employees’ VPN credentials and access their organization’s network either…