CVE-2022-36928 is a vulnerability that was identified in July 2022. The vulnerability affects Microsoft Windows Operating System and arises due to an improper handling of objects in memory. As a result, an attacker can execute arbitrary code with elevated privileges on the affected system, potentially leading to remote code execution or privilege escalation.
The vulnerability has been assigned a CVSS score of 8.4 out of 10, indicating a high severity level. Microsoft released a security update on July 12, 2022, to address the vulnerability. It is strongly recommended that all users apply the patch as soon as possible to mitigate the risk of exploitation.
It is worth noting that this vulnerability was discovered by researchers at Google’s Project Zero team, who reported it to Microsoft. This highlights the importance of collaboration between security researchers and vendors to identify and mitigate vulnerabilities before they are exploited by threat actors.