First published: Tue Dec 13 2022(Updated: )
Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.
Credit: secure@microsoft.com secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Windows 10 | =20H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =21H1 | |
Microsoft Windows 10 | =21H1 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 11 | =21H2 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows Server 2019 | ||
Microsoft Windows 10 | =20H2 | |
Microsoft Windows 10 | =22H2 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =21H1 | |
Microsoft Windows 10 | =20H2 | |
Microsoft Windows 10 | =21H2 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows Server 2022 | ||
Microsoft Windows Server 2016 | ||
Microsoft Windows 10 | =20h2 | |
Microsoft Windows 10 | =21h1 | |
Microsoft Windows 10 | =21h2 | |
Microsoft Windows 10 | =22h2 | |
Microsoft Windows 10 | =1607 | |
Microsoft Windows 10 | =1809 | |
Microsoft Windows 11 | ||
Microsoft Windows 11 | ||
Microsoft Windows Server 2016 | ||
Microsoft Windows Server 2019 | ||
Microsoft Windows Server 2022 | ||
Microsoft Defender | ||
Microsoft Windows 10 1607 | <10.0.14393.5582 | |
Microsoft Windows 10 1809 | <10.0.17763.3770 | |
Microsoft Windows 10 20h2 | <10.0.19042.2364 | |
Microsoft Windows 10 21h1 | <10.0.19043.2364 | |
Microsoft Windows 10 21h2 | <10.0.19044.2364 | |
Microsoft Windows 10 22h2 | <10.0.19045.2364 | |
Microsoft Windows 11 21h2 | <10.0.22000.1335 | |
Microsoft Windows Server 2016 | <10.0.14393.5582 | |
Microsoft Windows Server 2019 | <10.0.17763.3770 | |
Microsoft Windows Server 2022 | <10.0.20348.1366 | |
<10.0.14393.5582 | ||
<10.0.17763.3770 | ||
<10.0.19042.2364 | ||
<10.0.19043.2364 | ||
<10.0.19044.2364 | ||
<10.0.19045.2364 | ||
<10.0.22000.1335 | ||
<10.0.14393.5582 | ||
<10.0.17763.3770 | ||
<10.0.20348.1366 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-44698 is a security feature bypass vulnerability in Microsoft Defender SmartScreen.
CVE-2022-44698 has a severity rating of 5.4, which is considered medium.
CVE-2022-44698 allows an attacker to evade Mark of the Web (MOTW) defenses in Microsoft Defender SmartScreen.
Microsoft Defender, Microsoft Windows Server 2016, Microsoft Windows 11 (21H2), Microsoft Windows Server 2022, and Microsoft Windows Server 2019 are affected by CVE-2022-44698.
To fix CVE-2022-44698, apply the official patches provided by Microsoft for the affected software versions.