Skip to main content

Microsoft Windows Components Elevation of Privilege Vulnerability

Last Update Date: 15 Jan 2015 Release Date: 14 Jan 2015 3773 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

An elevation of privilege vulnerability exists in the TS WebProxy Windows component. The vulnerability is caused when Windows fails to properly sanitize file paths. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. The update addresses the vulnerability by correcting how Windows sanitizes file paths.

To successfully exploit this vulnerability, an attacker would have to take advantage of an existing vulnerability in Internet Explorer by tricking a user into downloading a specially crafted application. In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit this vulnerability. In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit this vulnerability. In all cases, however, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action. For example, an attacker could trick users into clicking a link that takes them to the attacker's site.

Most likely, this vulnerability would be used in conjunction with another vulnerability that allowed remote code execution. For example, an attacker could exploit another vulnerability to run arbitrary code through Internet Explorer, but due to the context in which processes are launched by Internet Explorer, the code might be restricted to run at a low integrity level (very limited permissions). However, an attacker could, in turn, exploit this vulnerability to cause the arbitrary code to run at a medium integrity level (permissions of the current user).


Impact

  • Elevation of Privilege

System / Technologies affected

  • Windows Vista
  • Windows 7
  • Windows Server 2008 R2
  • Windows 8 and Windows 8.1
  • Windows RT and Windows RT 8.1
  • Windows Server 2012 and Windows Server 2012 R2

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link