Microsoft OLE Elevation of Privilege Vulnerabilities
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
Elevation of privilege vulnerabilities exists in Microsoft Windows OLE when it fails to properly validate user input. The vulnerabilities by themselves do not allow arbitrary code to be run. The vulnerabilities would have to be used in conjunction with another vulnerability that allows remote code execution. An attacker who successfully exploited the vulnerabilities could allow a user with limited privileges on an affected system to execute code at a medium integrity level.
Impact
- Elevation of Privilege
System / Technologies affected
- Microsoft Windows Server 2003
- Microsoft Windows Vista
- Microsoft Windows Server 2008
- Microsoft Windows 7
- Microsoft Windows Server 2008 R2
- Microsoft Windows 8 and Windows 8.1
- Microsoft Windows Server 2012 and Windows Server 2012 R2
- Microsoft Windows RT and Windows RT 8.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
https://technet.microsoft.com/en-us/library/security/MS15-075
Vulnerability Identifier
Source
Related Link
Share with