Skip to main content

Microsoft Windows Installer Service Elevation of Privilege Vulnerability

Last Update Date: 13 Aug 2014 15:25 Release Date: 13 Aug 2014 3865 Views

RISK: Medium Risk

TYPE: Operating Systems - Windows OS

TYPE: Windows OS

An elevation of privilege vulnerability exists when the Windows Installer service improperly handles the repair of a previously installed application. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.


Impact

  • Elevation of Privilege

System / Technologies affected

  • Windows Server 2003
  • Windows Vista
  • Windows Server 2008
  • Windows 7
  • Windows Server 2008 R2
  • Windows 8 and Windows 8.1
  • Windows Server 2012 and Windows Server 2012 R2
  • Windows RT and Windows RT 8.1

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.


Vulnerability Identifier


Source


Related Link