Microsoft Windows Installer Service Elevation of Privilege Vulnerability
Last Update Date:
13 Aug 2014 15:25
Release Date:
13 Aug 2014
3865
Views
RISK: Medium Risk
TYPE: Operating Systems - Windows OS
An elevation of privilege vulnerability exists when the Windows Installer service improperly handles the repair of a previously installed application. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Impact
- Elevation of Privilege
System / Technologies affected
- Windows Server 2003
- Windows Vista
- Windows Server 2008
- Windows 7
- Windows Server 2008 R2
- Windows 8 and Windows 8.1
- Windows Server 2012 and Windows Server 2012 R2
- Windows RT and Windows RT 8.1
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
https://technet.microsoft.com/en-us/library/security/MS14-049
Vulnerability Identifier
Source
Related Link
Share with