First published: Tue Jan 11 2022(Updated: )
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation.
Credit: secure@microsoft.com secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 10 | ||
Microsoft Windows 10 | ||
Microsoft Windows 10 | =20h2 | |
Microsoft Windows 10 | =20h2 | |
Microsoft Windows 10 | =20h2 | |
Microsoft Windows 10 | =21h1 | |
Microsoft Windows 10 | =21h1 | |
Microsoft Windows 10 | =21h1 | |
Microsoft Windows 10 | =21h2 | |
Microsoft Windows 10 | =21h2 | |
Microsoft Windows 10 | =21h2 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =1909 | |
Microsoft Windows 10 | =1909 | |
Microsoft Windows 10 | =1909 | |
Microsoft Windows 11 | ||
Microsoft Windows 11 | ||
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows 8.1 | ||
Microsoft Windows 8.1 | ||
Microsoft Windows Server | =20h2 | |
Microsoft Windows Server | =2022 | |
Microsoft Windows Server 2008 | =sp2 | |
Microsoft Windows Server 2008 | =sp2 | |
Microsoft Windows Server 2008 | =r2-sp1 | |
Microsoft Windows Server 2012 | ||
Microsoft Windows Server 2012 | =r2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows | ||
Microsoft Windows RT 8.1 | ||
Microsoft Windows 10 | =1909 | |
Microsoft Windows 10 | =21H1 | |
Microsoft Windows 8.1 for 32-bit systems | ||
Microsoft Windows 10 | ||
Microsoft Windows Server 2008 R2 | ||
Microsoft Windows 10 | =1909 | |
Microsoft Windows 10 | =21H1 | |
Microsoft Windows 7 | ||
Microsoft Windows 10 | =1607 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 10 | =20H2 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2016 | ||
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =21H1 | |
Microsoft Windows Server 2012 | ||
Microsoft Windows Server | =20H2 | |
Microsoft Windows Server 2012 R2 | ||
Microsoft Windows 8.1 for x64-based systems | ||
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows Server 2022 | ||
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =20H2 | |
Microsoft Windows 10 | ||
Microsoft Windows Server 2008 | ||
Microsoft Windows Server 2012 R2 | ||
Microsoft Windows Server 2008 R2 | ||
Microsoft Windows Server 2022 | ||
Microsoft Windows Server 2008 | ||
Microsoft Windows 7 | ||
Microsoft Windows Server 2012 | ||
Microsoft Windows Server 2008 | ||
Microsoft Windows Server 2008 | ||
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =1909 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 1507 | <10.0.10240.19177 | |
Microsoft Windows 10 1507 | <10.0.10240.19177 | |
Microsoft Windows 10 1607 | <10.0.14393.4886 | |
Microsoft Windows 10 1607 | <10.0.14393.4886 | |
Microsoft Windows 10 1809 | <10.0.17763.2452 | |
Microsoft Windows 10 1809 | <10.0.17763.2452 | |
Microsoft Windows 10 1909 | <10.0.18363.2037 | |
Microsoft Windows 10 20h2 | <10.0.19042.1466 | |
Microsoft Windows 10 21h1 | <10.0.19043.1466 | |
Microsoft Windows 10 21h2 | <10.0.19044.1466 | |
Microsoft Windows 11 21h2 | <10.0.22000.434 | |
Microsoft Windows 7 | =sp1 | |
Microsoft Windows 8.1 | ||
Microsoft Windows RT 8.1 | ||
Microsoft Windows Server 2008 | =sp2 | |
Microsoft Windows Server 2016 | <10.0.14393.4886 | |
Microsoft Windows Server 2019 | <10.0.17763.2452 | |
Microsoft Windows Server 2022 | <10.0.20348.469 | |
Microsoft Windows Server 20h2 | <10.0.19042.1466 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-21919 is a vulnerability in Microsoft Windows User Profile Service that allows for privilege escalation.
Microsoft Windows 10, Microsoft Windows 11, Microsoft Windows 7, Microsoft Windows 8.1, Microsoft Windows Server, and Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, 2016, and 2019 are affected by CVE-2022-21919.
CVE-2022-21919 has a severity rating of high (7 out of 10).
Apply the latest security updates and patches provided by Microsoft to mitigate CVE-2022-21919.
You can find more information about CVE-2022-21919 on the Microsoft Security Guidance advisory page: [link](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21919).