|MS15-092||Vulnerabilities in .NET Framework Could Allow Elevation of Privilege (3086251)||Microsoft .NET||Important||12-08-2015|
Brief overview of the risk:
This security update resolves vulnerabilities in Microsoft .NET Framework. The vulnerabilities could allow elevation of privilege if a user runs a specially crafted .NET application.
Detailed Information on the risk:
Elevation of privilege vulnerabilities exist in Microsoft .NET Framework when the RyuJIT compiler improperly optimizes certain parameters resulting in a code generation error. An attacker who successfully exploited this vulnerability could take complete control of an affected system.To exploit these vulnerabilities, an attacker would need to host a specially crafted .NET application and convince users to run the application. However, in all cases, an attacker would have no way to force users to run the application; an attacker would have to convince users to do so.Further information on this exploit is available at : MS15-092