(MS15-006) Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)
Publish Date: 09 febbraio 2015
Gravità: : Alto
Identificatori CVE: CVE-2015-0001
Data notifica: 09 febbraio 2015
Descrizione
This update resolves a security bypass feature vulnerability that exists in the Windows Error Reporting (WER) service of most Windows operating systems. When successfully exploited, an attacker is able to access the protected memory resource of a running process that is protected by the WER Protected Process Light feature.
Soluzioni
Software e versione interessati:
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
- Windows Server 2012 R2
- Windows RT
- Windows RT 8.1
- Windows Server 2012 (Server Core installation)
- Windows Server 2012 R2 (Server Core installation)