KLA10549Code execution vulnerability in Microsoft GC

2015-04-14T00:00:00
ID KLA10549
Type kaspersky
Reporter Kaspersky Lab
Modified 2019-03-07T00:00:00

Description

Detect date:

04/14/2015

Severity:

Critical

Description:

An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed EMF image.

Affected products:

Windows Server 2003 x86, x64, Itanium Service Pack 2
Windows Vista x86, x64 Service Pack 2
Windows Server 2008 x86, x64, Itanium Service Pack 2
Windows 7 x86, x64 Service Pack 1
Windows Servier 2008 R2 x64, Itanium Service Pack 1

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

MS15-035
CVE-2015-1645

Impacts:

ACE

Related products:

Microsoft Windows Vista

CVE-IDS:

CVE-2015-16459.3Critical

Microsoft official advisories:

KB list:

3046306