What is the severity of CVE-2022-21984?

CVE-2022-21984 has been assigned a CVSS score indicating a critical severity level due to its potential for remote code execution.

How do I fix CVE-2022-21984?

To fix CVE-2022-21984, you must install the relevant security updates provided by Microsoft for the affected Windows versions.

Which versions of Windows are affected by CVE-2022-21984?

CVE-2022-21984 affects Windows 10, Windows 11, and several versions of Windows Server.

Can CVE-2022-21984 be exploited remotely?

Yes, CVE-2022-21984 can be exploited remotely, allowing attackers to execute arbitrary code on vulnerable systems.

What are the potential consequences of an exploit for CVE-2022-21984?

Exploitation of CVE-2022-21984 may lead to full system compromise, allowing an attacker to install programs, view, change, or delete data, and create new accounts.

Vulnerability/
CVE-2022-21984

high

8.8

8/2/2022

9/2/2022

2/1/2025

CVE-2022-21984: Windows DNS Server Remote Code Execution Vulnerability

First published: Tue Feb 08 2022(Updated: )

Windows DNS Server Remote Code Execution Vulnerability

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Windows 10	=20h2
Microsoft Windows 10	=20h2
Microsoft Windows 10	=20h2
Microsoft Windows 10	=21h1
Microsoft Windows 10	=21h1
Microsoft Windows 10	=21h1
Microsoft Windows 10	=21h2
Microsoft Windows 10	=21h2
Microsoft Windows 10	=21h2
Microsoft Windows 10	=1909
Microsoft Windows 10	=1909
Microsoft Windows 10	=1909
Microsoft Windows 11
Microsoft Windows 11
Microsoft Windows Server	=20h2
Microsoft Windows Server	=2022
	=21H2	fix available externally
	=21H2	fix available externally
	=21H2	fix available externally
	=21H2	fix available externally
	=21H2	fix available externally
	=20H2	fix available externally
		fix available externally fix available externally
	=20H2	fix available externally
	=21H1	fix available externally
	=1909	fix available externally
	=21H1	fix available externally
	=21H1	fix available externally
		fix available externally fix available externally
	=1909	fix available externally
	=20H2	fix available externally
	=1909	fix available externally
	=20H2	fix available externally

Never miss a vulnerability like this again

Reference Links

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-21984 (Advisory)

Frequently Asked Questions

What is the severity of CVE-2022-21984?
CVE-2022-21984 has been assigned a CVSS score indicating a critical severity level due to its potential for remote code execution.
How do I fix CVE-2022-21984?
To fix CVE-2022-21984, you must install the relevant security updates provided by Microsoft for the affected Windows versions.
Which versions of Windows are affected by CVE-2022-21984?
CVE-2022-21984 affects Windows 10, Windows 11, and several versions of Windows Server.
Can CVE-2022-21984 be exploited remotely?
Yes, CVE-2022-21984 can be exploited remotely, allowing attackers to execute arbitrary code on vulnerable systems.
What are the potential consequences of an exploit for CVE-2022-21984?
Exploitation of CVE-2022-21984 may lead to full system compromise, allowing an attacker to install programs, view, change, or delete data, and create new accounts.

collector/nvd-index
agent/type
agent/first-publish-date
collector/msrc-cve
source/Microsoft
agent/references
agent/severity
agent/title
agent/author
agent/softwarecombine
agent/description
agent/software-canonical-lookup
agent/tags
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
vendor/microsoft
canonical/microsoft windows 10
version/microsoft windows 10/20h2
version/microsoft windows 10/21h1
version/microsoft windows 10/21h2
version/microsoft windows 10/1909
canonical/microsoft windows 11
canonical/microsoft windows server
version/microsoft windows server/20h2
version/microsoft windows server/2022
version/microsoft windows 11/21h2
canonical/microsoft windows server 2022