(MS14-054) Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (2988948)
Severity: HIGH
CVE Identifier: CVE-2014-4074
Advisory Date: OCT 30, 2014
DESCRIPTION
This security update addresses a vulnerability found in Microsoft Windows, which could allow elevation of privilege once exploited successfully by attackers via a specially crafted application. Note, however, that remote attackers should be able to log on locally and have valid credentials to exploit the said vulnerability.
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
- Windows Server 2012 R2
- Windows RT
- Windows RT 8.1
- Windows Server 2012 (Server Core installation)
- Windows Server 2012 R2 (Server Core installation)