Vulnerability in Windows application compatibility cache could allow elevation of privilege - MS15-001ID: oval:org.secpod.oval:def:23107 | Date: (C)2015-01-14 (M)2021-09-11 |
Class: PATCH | Family: windows |
The host is missing an important security update according to Microsoft security bulletin MS15-001. The update is required to fix an elevation of privilege vulnerability. The flaw is present in the Windows application compatibility cache, which fails to handle a specially crafted application. An authenticated attacker who successfully exploited this vulnerability could bypass existing permission checks that are performed during cache modification in the Microsoft Windows Application Compatibility component and execute arbitrary code with elevated privileges.
Platform: |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows Server 2012 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 R2 |