|MS15-049||Vulnerability in Silverlight Could Allow Elevation of Privilege (3058985)||Microsoft Silverlight||Important||13-05-2015|
Brief overview of the risk:
This security update resolves a vulnerability in Microsoft Silverlight. The vulnerability could allow elevation of privilege if a specially crafted Silverlight application is run on an affected system.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in Microsoft Silverlight that is caused when Silverlight improperly allows applications that are intended to run at a low integrity level (very limited permissions) to be executed at a medium integrity level (permissions of the current user) or higher. To exploit this vulnerability an attacker would first have to log on to the system or convince a logged on user to execute a specially crafted Silverlight application.
Further information on this exploit is available at : MS15-049