“CVE-2022-44698 is a security feature bypass vulnerability in Windows SmartScreen, a feature built-in to Windows that works with its Mark of the Web (MOTW) functionality that flags files downloaded from the internet. Depending on how MOTW flags a file, SmartScreen will perform a reputation check. This vulnerability can be exploited in multiple scenarios, including through malicious websites and malicious attachments delivered over email or messaging services. They require a potential victim to visit the malicious website or open a malicious attachment in order to bypass SmartScreen. Microsoft confirmed this vulnerability has been exploited in the wild. This flaw was credited to security researcher Will Dormann, who was credited with disclosing CVE-2022-41049, a security feature bypass in MOTW in the November Patch Tuesday release.
“CVE-2022-44710 is an elevation of privilege vulnerability in the DirectX Graphics Kernel. This is the second zero-day in the December Patch Tuesday release, as it was publicly disclosed prior to a patch being made available. It was assigned a CVSSv3 score of 7.8, receiving an important severity rating, but it is considered to be a flaw that is less likely to be exploited based on Microsoft’s Exploitability Index.”
by Satnam Narang, Sr. Staff Research Engineer, Tenable