Microsoft Windows Elevation of Privilege Vulnerabilities
Last Update Date:
14 Aug 2015
Release Date:
12 Aug 2015
3163
Views
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
- Windows Object Manager Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists in Windows Object Manager when it fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security and gain elevated privileges on a targeted system. - Windows Registry Elevation of Privilege Vulnerability
An elevation of privilege exists in Microsoft Windows when it improperly allows certain registry interactions from within vulnerable sandboxed applications. An attacker who successfully exploited this vulnerability could improperly interact with the registry and attempt to escape the application sandbox. - Windows Filesystem Elevation of Privilege Vulnerability
An elevation of privilege exists in Microsoft Windows when it improperly allows certain filesystem interactions from within vulnerable sandboxed applications. An attacker who successfully exploited this vulnerability could improperly interact with the filesystem and attempt to escape the application sandbox.
Impact
- Elevation of Privilege
System / Technologies affected
- Microsoft Windows Vista
- Microsoft Windows Server 2008
- Microsoft Windows 7
- Microsoft Windows Server 2008 R2
- Microsoft Windows 8 and Windows 8.1
- Microsoft Windows Server 2012 and Windows Server 2012 R2
- Microsoft Windows RT and Windows RT 8.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
https://technet.microsoft.com/en-us/library/security/MS15-090
Vulnerability Identifier
Source
Related Link
Share with