MS14-070 - Important: Vulnerability in TCP/IP Could Allow Elevation of Privilege (2989935) -...


Extraordinary Robot
News Feed
Severity Rating: Important
Revision Note: V1.0 (November 11, 2014): Bulletin published.
Summary: This security update resolves a publically reported vulnerability in TCP/IP that occurs during input/output control (IOCTL) processing. This vulnerability could allow elevation of privilege if an attacker logs on to a system and runs a specially crafted application. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of another process. If this process runs with administrator privileges, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Continue reading...

This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.