Microsoft WDAC OLE DB Provider Remote Code Execution Vulnerability

Microsoft WDAC OLE DB Provider Remote Code Execution Vulnerability

Microsoft has announced a new vulnerability on WDAC OLE DB Provider.

Successfull exloitation can lead to a remote code execution.

Affected Systems

• Windows 10 Version 20H2 for ARM64-based Systems
• Windows 11 for x64-based Systems
• Windows 11 for ARM64-based Systems
• Windows 10 Version 21H2 for 32-bit Systems
• Windows 10 Version 21H2 for ARM64-based Systems
• Windows 10 Version 21H2 for x64-based Systems
• Windows 11 Version 22H2 for ARM64-based Systems
• Windows 11 Version 22H2 for x64-based Systems
• Windows 10 for 32-bit Systems
• Windows 10 for x64-based Systems
• Windows 10 Version 1607 for 32-bit Systems
• Windows 10 Version 1607 for x64-based Systems
• Windows Server 2016
• Windows Server 2016 (Server Core installation)
• Windows 7 for 32-bit Systems Service Pack 1
• Windows 7 for x64-based Systems Service Pack 1
• Windows 8.1 for 32-bit systems
• Windows 8.1 for x64-based systems
• Windows RT 8.1
• Windows Server 2008 for 32-bit Systems Service Pack 2
• Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 for x64-based Systems Service Pack 2
• Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)
• Windows Server 2008 R2 for x64-based Systems Service Pack 1
• Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
• Windows Server 2012
• Windows Server 2012 (Server Core installation)
• Windows Server 2012 R2
• Windows Server 2012 R2 (Server Core installation)
• Windows 10 Version 20H2 for 32-bit Systems
• Windows 10 Version 20H2 for x64-based Systems
• Windows Server 2022 (Server Core installation)
• Windows Server 2022
• Windows 10 Version 21H1 for 32-bit Systems
• Windows 10 Version 21H1 for ARM64-based Systems
• Windows 10 Version 21H1 for x64-based Systems
• Windows Server 2019 (Server Core installation)
• Windows Server 2019
• Windows 10 Version 1809 for ARM64-based Systems
• Windows 10 Version 1809 for x64-based Systems
• Windows 10 Version 1809 for 32-bit Systems

IoC’s

-

Recommended Solution(s)

Organizations using the above-mentioned products are recommended to apply applicable patches from https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2022-38031.

CVE / CWE

CVE-2022-38031

Related Website(s)

• https://nvd.nist.gov/vuln/detail/CVE-2022-38031

* Vulnerabilities with a CVSS 3.1 score between 7.0 and 8.9 are evaluated to be “high” whereas vulnerabilities with a CVSS 3.1 score between 9.0 and 10.0 are evaluated to be “critical”.