Lucene search

Kaspersky LabKLA10559

HistoryApr 14, 2015 - 12:00 a.m.

KLA10559 Privileges escalation in Microsoft products

2015-04-1400:00:00

Kaspersky Lab

threats.kaspersky.com

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

6.6 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

16.1%

JSON

Multiple improper impersonation levels handling were found in Microsoft products. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited locally via a specially designed application.

Original advisories

MS15-038

CVE-2015-1643

CVE-2015-1644

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

Microsoft-Windows-Vista-4

Microsoft-Windows-Server-2012

Microsoft-Windows-8

Microsoft-Windows-7

Microsoft-Windows-Server-2008

Microsoft-Windows-Server-2003

Windows-RT

CVE list

CVE-2015-1643 high

CVE-2015-1644 high

KB list

3045999

3045685

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected Products

Windows Server 2003 x86, x64, Itanium Service Pack 2Windows Server 2003 R2 x86, x64 Service Pack 2Windows Vista x86, x64 Service Pack 2Windows Server 2008 x86, x64, Itanium Service Pack 2Windows Server 2008 R2 x64, Itanium Service Pack 1Windows 8 x86, x64Windows 8.1 x86, x64Windows Server 2012Windows Server 2012 R2Windows RTWindows RT 8.1