JVN#63898867: Applications that use the Windows Help function may be vulnerable to privilege escalation

Applications or Services that call the Windows Help function in an insecure manner may allow a user unauthorized access to resrouces on the system.

This issue may occur in applications or services where the Help function is not called in a secure manner. An example of this is when Anti-virus software or a personal firewall is running on the local system with the privileges of an administrator on the local system, and has an interface to “communicate” with the user.

Impact

A user may gain unauthorized access to resources on the system.

Solution

Refer to the “Vendor Status” section below for Solution information on each application.

Products Affected

For information on Products Affected, please refer to the “Vendor Status” section below.