CVE Number | Vulnerability | Product | Severity | Date |
---|---|---|---|---|
MS10-092 | Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420) | Windows Vista | Critical | 15-12-2010 |
Technical Information
Brief overview of the risk:
This security update resolves a publicly disclosed vulnerability in Windows Task Scheduler. The vulnerability could allow elevation of privilege if an attacker logged on to an affected system and ran a specially crafted application.
Detailed Information on the risk:
An elevation of privilege vulnerability exists in the way that the Windows Task Scheduler improperly validates whether scheduled tasks run within the intended security context. An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system.
Further information on this exploit is available at : MS10-092
Affected Software
Windows Vista Service Pack 1 and Windows Vista Service Pack 2Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2*
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2
Windows 7 for 32-bit Systems
Windows 7 for x64-based Systems
Windows Server 2008 R2 for x64-based Systems
Windows Server 2008 R2 for Itanium-based Systems