MS14-078 - Moderate: Vulnerability in IME (Japanese) Could Allow Elevation of Privilege...

Discussion in 'Security Alerts' started by News, Nov 12, 2014.

  1. News

    News Extraordinary Robot
    News Feed

    Jun 27, 2006
    Likes Received:
    Severity Rating: Moderate
    Revision Note: V1.0 (November 11, 2014): Bulletin published.
    Summary: This security update resolves a privately reported vulnerability in Microsoft Input Method Editor (IME) (Japanese). The vulnerability could allow sandbox escape based on the application sandbox policy on a system where an affected version of the Microsoft IME (Japanese) is installed. An attacker who successfully exploited this vulnerability could escape the sandbox of a vulnerable application and gain access to the affected system with logged-in user rights. If the affected system is logged in with administrative rights, an attacker could then install programs; view, change or delete data; or create new accounts with full administrative rights.

    Continue reading...

Share This Page