Microsoft Windows Kernel 'Win32k.sys' CVE-2015-1768 Local Privilege Escalation Vulnerability

2015-06-09T00:00:00
ID SMNTC-75024
Type symantec
Reporter Symantec Security Response
Modified 2015-06-09T00:00:00

Description

Description

Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with elevated privileges within the context of another user.

Technologies Affected

  • Microsoft Windows Server 2003 Itanium SP2
  • Microsoft Windows Server 2003 R2 Service Pack 2
  • Microsoft Windows Server 2003 R2 x64 Edition Service Pack 2
  • Microsoft Windows Server 2003 SP2
  • Microsoft Windows Server 2003 x64 Edition Service Pack 2

Recommendations

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To exploit this vulnerability, an attacker requires local access to an affected computer. Grant local access for trusted and accountable users only.

Updates are available. Please see the references or vendor advisory for more information.