Elevation of Privilege Vulnerability in Microsoft Windows Products
CVE-2015-2363

Currently unrated

Key Information:

Vendor: Microsoft
Status: Windows 2003 Server; Windows Rt; Windows 8.1; Windows Server 2008
Vendor: CVE Published:; 14 July 2015

Summary

The win32k.sys component in the Microsoft Windows kernel-mode drivers contains a vulnerability that allows local users to elevate their privileges through the execution of a specially crafted application. This weakness affects several versions of Microsoft Windows, including outdated systems like Windows Server 2003 and Windows Vista, as well as more modern versions up to Windows 8.1. Exploiting this vulnerability could enable malicious users to gain unauthorized access and control over affected systems, significantly impacting the overall security posture of an organization.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securitytracker.com/id/1032904

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Jul 14, 2015
Vulnerability Reserved
Mar 19, 2015