Microsoft.Windows.Privilege.Elevation.Vulnerability.MS15-015

description-logoDescription

Microsoft Windows is an operating system developed by Microsoft.
The vulnerability could allow an attacker to leverage the lack of impersonation-level security checks to elevate privileges during process creation. An authenticated attacker who successfully exploited this vulnerability could acquire administrator credentials and use them to elevate privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

affected-products-logoAffected Products

Windows 7 SP1
Windows 8 and 8.1
Windows Server 2008 R2 SP1
Windows Server 2012 and 2012 R2
Windows RT and RT 8.1

Impact logoImpact

The vulnerable system can be compromised by an attacker for gaining partial access to the system. Therefore there is a risk of leaking sensitive information and application configuration modification without user notice.

recomended-action-logoRecommended Actions

Please download and apply patches as instructed in https://technet.microsoft.com/library/security/MS15-015.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)