| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS15-037 | Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (3046269) | Windows 7 | Important | 15-04-2015 |
Technical Information
Brief overview of the risk:
An attacker who successfully exploited the vulnerability could leverage a known invalid task to cause Task Scheduler to run a specially crafted application in the context of the System account.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in Task Scheduler due to a known invalid task being present on certain systems. An attacker who successfully exploited the vulnerability could cause Task Scheduler to run a specially crafted application in the context of the System account. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
Further information on this exploit is available at : MS15-037
Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)
Affected Software
Windows 7 for 32-bit Systems Service Pack 1Windows 7 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1
Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)