Microsoft Windows Task Scheduler Privilege Escalation Vulnerability (2988948) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS14-054.

Impact

Successful exploitation could allow local users to gain escalated privileges. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/library/security/MS14-054

Insight

Flaw exists because Windows Task Scheduler improperly conducts integrity checks on tasks.

Affected

Windows 8 x32/x64 Edition, Windows 8.1 x32/x64 Edition, Windows Server 2012, Windows Server 2012 R2.

Detection

Get the vulnerable file version and check appropriate patch is applied or not.

References

http://secunia.com/advisories/60983
http://www.osvdb.com/111149
https://technet.microsoft.com/library/security/MS14-054

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-4074
CVSS Base Score: 6.8
AV:L/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

IE VBScript Handling patch (Q318089)
Flaw in Certificate Enrollment Control (Q323172)
Microsoft Office Shared Component Security Bypass Vulnerability (2905238)
Microsoft File Handling Component Remote Code Execution Vulnerability (2922229)
Microsoft Windows Kernel Privilege Elevation Vulnerabilities (2813170)

Take action and discover your vulnerabilities