(MS15-006) Vulnerability in Windows Error Reporting Could Allow Security Feature Bypass (3004365)
Publish date: 09 de febrero de 2015
Gravedad: High
Identificadores de CVE : CVE-2015-0001
Fecha recomendada: 09 de febrero de 2015
Descripción
This update resolves a security bypass feature vulnerability that exists in the Windows Error Reporting (WER) service of most Windows operating systems. When successfully exploited, an attacker is able to access the protected memory resource of a running process that is protected by the WER Protected Process Light feature.
Soluciones
Software y versión afectados
- Windows 8 for 32-bit Systems
- Windows 8 for x64-based Systems
- Windows 8.1 for 32-bit Systems
- Windows 8.1 for x64-based Systems
- Windows Server 2012
- Windows Server 2012 R2
- Windows RT
- Windows RT 8.1
- Windows Server 2012 (Server Core installation)
- Windows Server 2012 R2 (Server Core installation)