Intrusion Prevention

MS.Kernel.win32k.Object.PWND.Memory.Privilege.Elevation

Description

This indicates an attack attempt to exploit an Elevation of Privileges vulnerability in Microsoft Windows Kernel.
The vulnerability is due to an error when the vulnerable software handles a maliciously crafted file. An attacker can exploit this to elevate their privileges on vulnerable systems.

Affected Products

Windows Vista
Windows Server 2008
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1
Windows 7
Windows 8
Windows 8.1
Windows 10

Impact

Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems

Recommended Actions

Apply the most recent upgrade or patch from the vendor
http://technet.microsoft.com/security/bulletin/MS15-135

CVE References

CVE-2015-6171