Microsoft.Windows.Privilege.Elevation.Vulnerability.MS15-015
Description
Microsoft Windows is an operating system developed by Microsoft.
The vulnerability could allow an attacker to leverage the lack of impersonation-level security checks to elevate privileges during process creation. An authenticated attacker who successfully exploited this vulnerability could acquire administrator credentials and use them to elevate privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.
Affected Products
Windows 7 SP1
Windows 8 and 8.1
Windows Server 2008 R2 SP1
Windows Server 2012 and 2012 R2
Windows RT and RT 8.1
Impact
The vulnerable system can be compromised by an attacker for gaining partial access to the system. Therefore there is a risk of leaking sensitive information and application configuration modification without user notice.
Recommended Actions
Please download and apply patches as instructed in https://technet.microsoft.com/library/security/MS15-015.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |