(MS15-001) Vulnerability in Windows Application Compatibility Cache Could Allow Elevation of Privilege (3023266)
Gravedad: High
Fecha recomendada: 09 de febrero de 2015
Descripción
This security update addresses a vulnerability found existing in Microsoft Windows. Once successfully exploited, it could allow elevation of privilege when an attacker logs to a system and runs a specially crafted application. A remote attacker can also bypass existing permission checks that are performed during cache modification in the Microsoft Windows Application Compatibility component and execute arbitrary code with elevated privileges.
Soluciones
Software y versión afectados
- Windows 7 for x64-based Systems Service Pack 1
- Windows 8.1 for 32-bit Systems
- Windows Server 2012 R2
- Windows RT[1]
- Windows RT 8.1[1]
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2012 (Server Core installation)
- Windows Server 2012 R2 (Server Core installation)