(MS14-054) Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (2988948)

  Severity: HIGH
  CVE Identifier: CVE-2014-4074
  Advisory Date: OCT 30, 2014

  DESCRIPTION

This security update addresses a vulnerability found in Microsoft Windows, which could allow elevation of privilege once exploited successfully by attackers via a specially crafted application. Note, however, that remote attackers should be able to log on locally and have valid credentials to exploit the said vulnerability.

  SOLUTION

  AFFECTED SOFTWARE AND VERSION

  • Windows 8 for 32-bit Systems
  • Windows 8 for x64-based Systems
  • Windows 8.1 for 32-bit Systems
  • Windows 8.1 for x64-based Systems
  • Windows Server 2012
  • Windows Server 2012 R2
  • Windows RT
  • Windows RT 8.1
  • Windows Server 2012 (Server Core installation)
  • Windows Server 2012 R2 (Server Core installation)