MS15-001:Windows Application Compatibility Cache の脆弱性により、特権が昇格される (3023266)
2015年2月9日
危険度: : 高
概要
This security update addresses a vulnerability found existing in Microsoft Windows. Once successfully exploited, it could allow elevation of privilege when an attacker logs to a system and runs a specially crafted application. A remote attacker can also bypass existing permission checks that are performed during cache modification in the Microsoft Windows Application Compatibility component and execute arbitrary code with elevated privileges.
トレンドマイクロの対策
詳しい情報については以下のサイトをご参照ください。
対応方法
影響を受けるソフトウェア
- Windows 7 for x64-based Systems Service Pack 1
- Windows 8.1 for 32-bit Systems
- Windows Server 2012 R2
- Windows RT[1]
- Windows RT 8.1[1]
- Windows 7 for 32-bit Systems Service Pack 1
- Windows Server 2008 R2 for x64-based Systems Service Pack 1
- Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
- Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
- Windows Server 2012 (Server Core installation)
- Windows Server 2012 R2 (Server Core installation)