<< Back
CVE Number Vulnerability Product Severity Date
MS14-039 Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685) Windows Vista Important 09-07-2014

Technical Information

Brief overview of the risk:
A vulnerability exists in the On-Screen Keyboard that could allow a local elevation of privilege.
Detailed Information on the risk:

The vulnerability could allow elevation of privilege if an attacker uses a vulnerability in a low integrity process to execute the On-Screen Keyboard (OSK) and upload a specially crafted program to the target system.


Further information on this exploit is available at : MS14-039

Affected Software

Windows Vista Service Pack 2
Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems Service Pack 2
Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems Service Pack 1
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows 8 for 32-bit Systems
Windows 8 for x64-based Systems
Windows 8.1 for 32-bit Systems
Windows 8.1 for x64-based Systems
Windows Server 2012 and Windows Server 2012 R2
Windows Server 2012 R2
Windows RT and Windows RT 8.1