Microsoft Windows Elevation of Privilege Vulnerability
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
![TYPE: Windows OS](/f/bulletin_type/100000/37p37/operation-system-windowsos.png)
An elevation of privilege vulnerability exists in Microsoft Windows when it fails to properly validate and enforce impersonation levels. An attacker who successfully exploited this vulnerability could bypass impersonation-level security checks and gain elevated privileges on a targeted system. This vulnerability can be exploited only in the specific scenario where the process uses SeAssignPrimaryTokenPrivilege, which is not available for normal processes.
Impact
- Remote Code Execution
System / Technologies affected
- Windows 7
- Windows Server 2008 R2
- Windows 8 and Windows 8.1
- Windows Server 2012 and Windows Server 2012 R2
- Windows RT and Windows RT 8.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
https://technet.microsoft.com/library/security/MS15-015
Vulnerability Identifier
Source
Related Link
Share with