CVE-2022-38028: Microsoft Windows Print Spooler Privilege Escalation
Microsoft Windows Print Spooler Privilege Escalation Vulnerability . Microsoft Windows Print Spooler service contains a privilege escalation vulnerability. An attacker may modify a JavaScript constraints file and execute it with SYSTEM-level permissions.
- CISA KEV-listed (remediation due 2024-05-14)
- EPSS 3.9% (88.6% percentile)
Detection rules
- Forest Blizzard APT - File Creation Activity high
- Forest Blizzard APT - JavaScript Constrained File Creation medium
- Forest Blizzard APT - Process Creation Activity high
- Forest Blizzard APT - Custom Protocol Handler Creation high
- Forest Blizzard APT - Custom Protocol Handler DLL Registry Set high