MS14-078 - Moderate: Vulnerability in IME (Japanese) Could Allow Elevation of Privilege...

Discussion in 'Security Alerts' started by News, Nov 12, 2014.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,205
    Likes Received:
    20
    Severity Rating: Moderate
    Revision Note: V1.0 (November 11, 2014): Bulletin published.
    Summary: This security update resolves a privately reported vulnerability in Microsoft Input Method Editor (IME) (Japanese). The vulnerability could allow sandbox escape based on the application sandbox policy on a system where an affected version of the Microsoft IME (Japanese) is installed. An attacker who successfully exploited this vulnerability could escape the sandbox of a vulnerable application and gain access to the affected system with logged-in user rights. If the affected system is logged in with administrative rights, an attacker could then install programs; view, change or delete data; or create new accounts with full administrative rights.

    Continue reading...
     

Share This Page

Loading...