Tracked as CVE-2022-21882, the high-severity security hole was fixed on the January 2022 Patch Tuesday, when Microsoft said it was aware of limited, targeted exploitation attempts.
Identified in the Win32k.sys driver, the issue is described as an elevation-of-privilege bug that could allow a local, authenticated attacker to obtain system or administrative rights.
Security researcher RyeLv, who received acknowledgement for the find, says CVE-2022-21882 is in fact a bypass for the patch that Microsoft released in February 2021 for CVE-2021-1732, another exploited Win32k vulnerability.