KEV · Actively exploited
CVE-2022-41128
CRITICAL 8.8
KEV
Windows Scripting Languages Remote Code Execution Vulnerability
EPSS
39.24%
moderate exploit risk
percentile 97.4%
CISA Known Exploited Vulnerability
- Added to KEV
- 2022-11-08
- Remediation deadline
- 2022-12-09
- Required action
- Apply updates per vendor instructions.
- Ransomware
- No
OS versions that fix this CVE
This CVE is resolved by the following OS security releases. Update the OS to at least the listed version.
- Windows Fixed in Windows Server 2022 10.0.20348.1251 Windows Server 2019 10.0.17763.3650 Windows Server 2016 10.0.14393.5501 Windows 11 22H2 · 2022-H2 10.0.22621.819 Windows 11 21H2 · 2021-H2 10.0.22000.1219 Windows 10 22H2 · 2022-H2 10.0.19045.2251 Windows 10 21H2 · 2021-H2 10.0.19044.2251 Windows 10 21H1 · 2021-H1 10.0.19043.2251 Windows 10 20H2 · 2020-H2 10.0.19042.2251 Windows 10 1809 · 2018-09 10.0.17763.3650 Windows 10 1607 · 2016-07 10.0.14393.5501