FAQ
How could an attacker exploit this vulnerability? An unauthenticated attacker could interact with the login screen of a vulnerable system in a specific manner to execute code on that system.
MSRC compact vulnerability detail
CVE-2022-30222 · Windows Shell Remote Code Execution Vulnerability
No description was published by MSRC.
Signals
Windows Shell
Remote Code Execution
Exploited: No
Publicly disclosed: No
Exploitability: Exploitation Less Likely
CWE
No CWE data published.
Patch Diff
Loading module diff metadata...
Resolved binary override
Use this when the MSRC module name cannot be mapped automatically or the resolved binary looks wrong.
Description
No description was published by MSRC.
FAQ / Articles
Workaround
The following workaround may be helpful in your situation. In all cases, Microsoft strongly recommends that you install the updates for this vulnerability as soon as they become available even if you plan to leave this workaround in place: To remove Microsoft Japanese IME entirely from logon UI the following steps are required. First, you must remove the Japanese language (not IME) from every account on the affected device. As long as there is an account where Japanese is installed, logon will continue to show Microsoft JPN IME. For each account on the affected device, sign in to the account. Select Settings, select Time & language. For Windows 11, select Language & region. For Windows 10, select Language. Select Japanese and then select Remove. Note that you cannot do this if Japanese is the only language installed or is located at the top in the language list. You will need to add another language to move Japanese down to second or later in the list. Then you can remove the Japanese entry. Second, you need to make sure the Welcome screen input language is not set to Japanese. Select Settings, select Time & language. For Windows 11, select Language & region. For W...