|Microsoft Windows Knowledge Base Article 2913602 update is not installed (WinMs14kb2913602Update)|
|Platforms:||Microsoft Windows Server 2008: R2 SP1 Itanium, Microsoft Windows: 7 SP1 x64, Microsoft Windows Server 2008: R2 SP1 x64, Microsoft Windows: 7 SP1 x32|
Microsoft Windows Knowledge Base Article 2913602 update is not installed on the system, which could allow an attacker to exploit the following vulnerability:
Microsoft Windows could allow a local attacker to gain elevated privileges on the system, caused by the failure to properly use window handle thread objects in memory by the kernel-mode driver. By executing a malicious application on the vulnerable system, a local attacker with valid login credentials could exploit this vulnerability to execute arbitrary code on the system with elevated privileges.
Apply the appropriate patch for your system, as listed in Microsoft Security Bulletin MS14-003. See References.
|Required Permission:||Windows login|
Microsoft Security Bulletin MS14-003
IBM Internet Security Systems X-Force Database
Know Your Risks
Common Vulnerabilties & Exposures