(MS15-006) Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)
Schweregrad: : Alto
Identificador(es) CVE: : CVE-2015-0001
Data do informe: 09 fevereiro 2015
Descrição
This update resolves a security bypass feature vulnerability that exists in the Windows Error Reporting (WER) service of most Windows operating systems. When successfully exploited, an attacker is able to access the protected memory resource of a running process that is protected by the WER Protected Process Light feature.
Solução
Software infectado e versão:
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
- Windows Server 2012 R2
- Windows RT
- Windows RT 8.1
- Windows Server 2012 (Server Core installation)
- Windows Server 2012 R2 (Server Core installation)