cve_2022_21882 If you read the below closely you will see that I note that the patch does not prevent NtUserConsoleControl from being called when the calling process is not csrssexe since a telemetry assert isn't "really" an assert Previously, this was sufficient to fix the issue since xxxClientAllocWindowClassExtraBytes was not called outside of xxxCreateWindo