CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Jun 15, 2022
High
CISA KEVCVE-2014-4077
Microsoft—Input Method Editor (IME) Japanese
Microsoft Input Method Editor (IME) Japanese is a keyboard with Japanese characters that can be enabled on Windows systems as it is included by default (with the default set as disabled). IME Japanese contains an unspecified vulnerability when IMJPDCT.EXE (IME for Japanese) is installed which allows attackers to bypass a sandbox and perform privilege escalation.
Required Action
https://nvd.nist.gov/vuln/detail/CVE-2014-4077
Vulnerability Overview
- Severity
- High
- CISA KEV
- Yes
- Ransomware
- Unknown
- Published
- May 25, 2022
- KEV Added
- May 25, 2022
- Due Date
- Jun 15, 2022
- Related Articles
- 0
Vendor
Microsoft
Input Method Editor (IME) Japanese