Exploited
CWE
755
Advisory Published
Updated

CVE-2022-44698: Windows SmartScreen Security Feature Bypass Vulnerability

First published: Tue Dec 13 2022(Updated: )

Microsoft Defender SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file.

Credit: secure@microsoft.com secure@microsoft.com

Affected SoftwareAffected VersionHow to fix
Microsoft Windows 10=20H2
Microsoft Windows 10=1809
Microsoft Windows 10=22H2
Microsoft Windows 10=21H2
Microsoft Windows 10=21H1
Microsoft Windows 10=21H1
Microsoft Windows 11=21H2
Microsoft Windows 10=1607
Microsoft Windows 10=22H2
Microsoft Windows 10=1809
Microsoft Windows 11=21H2
Microsoft Windows 10=1809
Microsoft Windows Server 2019
Microsoft Windows 10=20H2
Microsoft Windows 10=22H2
Microsoft Windows 10=21H2
Microsoft Windows 10=21H1
Microsoft Windows 10=20H2
Microsoft Windows 10=21H2
Microsoft Windows 10=1607
Microsoft Windows Server 2022
Microsoft Windows Server 2016
Microsoft Windows 10=20h2
Microsoft Windows 10=21h1
Microsoft Windows 10=21h2
Microsoft Windows 10=22h2
Microsoft Windows 10=1607
Microsoft Windows 10=1809
Microsoft Windows 11
Microsoft Windows 11
Microsoft Windows Server 2016
Microsoft Windows Server 2019
Microsoft Windows Server 2022
Microsoft Defender
Microsoft Windows 10 1607<10.0.14393.5582
Microsoft Windows 10 1809<10.0.17763.3770
Microsoft Windows 10 20h2<10.0.19042.2364
Microsoft Windows 10 21h1<10.0.19043.2364
Microsoft Windows 10 21h2<10.0.19044.2364
Microsoft Windows 10 22h2<10.0.19045.2364
Microsoft Windows 11 21h2<10.0.22000.1335
Microsoft Windows Server 2016<10.0.14393.5582
Microsoft Windows Server 2019<10.0.17763.3770
Microsoft Windows Server 2022<10.0.20348.1366
<10.0.14393.5582
<10.0.17763.3770
<10.0.19042.2364
<10.0.19043.2364
<10.0.19044.2364
<10.0.19045.2364
<10.0.22000.1335
<10.0.14393.5582
<10.0.17763.3770
<10.0.20348.1366

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2022-44698?

    CVE-2022-44698 is a security feature bypass vulnerability in Microsoft Defender SmartScreen.

  • What is the severity of CVE-2022-44698?

    CVE-2022-44698 has a severity rating of 5.4, which is considered medium.

  • How does CVE-2022-44698 affect Microsoft Defender SmartScreen?

    CVE-2022-44698 allows an attacker to evade Mark of the Web (MOTW) defenses in Microsoft Defender SmartScreen.

  • Which software products are affected by CVE-2022-44698?

    Microsoft Defender, Microsoft Windows Server 2016, Microsoft Windows 11 (21H2), Microsoft Windows Server 2022, and Microsoft Windows Server 2019 are affected by CVE-2022-44698.

  • How can I fix CVE-2022-44698?

    To fix CVE-2022-44698, apply the official patches provided by Microsoft for the affected software versions.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203