Microsoft Windows Task Scheduler Elevation Of Privilege Vulnerability (2305420) Network Vulnerability

Summary

This host is missing a critical security update according to Microsoft Bulletin MS10-092.

Impact

Successful exploition will allows elevation of privilege. Impact Level: System/Application

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, http://www.microsoft.com/technet/security/Bulletin/MS10-092.mspx

Insight

The flaw is caused by an error in task scheduler when performing integrity checks to validate tasks run with the intended user privilege.

Affected

Micorsoft Windows 7 Microsoft Windows Vista Service Pack 2 and prior. Microsoft Windows Server 2008 Service Pack 2 and prior.

References

http://support.microsoft.com/kb/2305420
http://www.microsoft.com/technet/security/bulletin/MS10-092.mspx

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-3338

CVSS	Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Internet Explorer Vector Markup Language Remote Code Execution Vulnerability (2544521)
Cumulative Security Update for Internet Explorer (956390)
Microsoft Embedded OpenType Font Engine Remote Code Execution Vulnerabilities (961371))
Microsoft Filter Pack Remote Code Execution Vulnerability (2801261)
Buffer Overrun In HTML Converter Could Allow Code Execution (823559)

Microsoft Windows Task Scheduler Elevation of Privilege Vulnerability (2305420)

Take action and discover your vulnerabilities