Secplicity – Security Simplified

Windows 8.x and Server 2012 Suffer From Local EoP Vulnerability

Severity: Medium

Summary:

Exposure:

In a security bulletin released as part of Patch Day, Microsoft described an Elevation of Privilege (EoP) vulnerability that affects the latest versions of Windows—specifically, Windows 8.x, Server 2012, and RT.

The flaw lies in the Windows Task Scheduler, a service that allows you to automate the execution of tasks at certain times. Microsoft doesn’t describe the vulnerability in much detail, only saying the Task Scheduler does not properly check the integrity of tasks. By running a specially crafted application, an underprivileged local attacker could take advantage of this to execute programs with full SYSTEM privileges. Of course, the local attacker would have to log into a vulnerable system using valid credentials, which significantly lowers the impact of this flaw.

Solution Path:

You should download, test, and deploy the appropriate Windows update immediately, or let Windows Automatic Update do it for you. You can find links to the updates in the “Affected and Non-Affected Software” section of Microsoft’s Windows security bulletin.

For All WatchGuard Users:

This is a local vulnerability. We recommend you install Microsoft’s update to completely protect yourself from this flaw.

Status:

Microsoft has released patches to fix this vulnerability.

References:

This alert was researched and written by Corey Nachreiner, CISSP (@SecAdept).
