Security Vulnerabilities fixed in IME (Japanese) MS14-078

description-logoDescription

This security update resolves a privately reported vulnerability in Microsoft Input Method Editor (IME) (Japanese). The vulnerability could allow sandbox escape based on the application sandbox policy on a system where an affected version of the Microsoft IME (Japanese) is installed. An attacker who successfully exploited this vulnerability could escape the sandbox of a vulnerable application and gain access to the affected system with logged-in user rights. If the affected system is logged in with administrative rights, an attacker could then install programs; view, change or delete data; or create new accounts with full administrative rights.

affected-products-logoAffected Applications

Windows 7
Windows Server 2008 R2
Microsoft Office 2007

CVE References

CVE-2014-1824