Microsoft Windows Task Scheduler Privilege Escalation Vulnerability (2988948) Network Vulnerability

Summary

This host is missing an important security update according to Microsoft Bulletin MS14-054.

Impact

Successful exploitation could allow local users to gain escalated privileges. Impact Level: System

Solution

Run Windows Update and update the listed hotfixes or download and update mentioned hotfixes in the advisory from the below link, https://technet.microsoft.com/library/security/MS14-054

Insight

Flaw exists because Windows Task Scheduler improperly conducts integrity checks on tasks.

Affected

Windows 8 x32/x64 Edition, Windows 8.1 x32/x64 Edition, Windows Server 2012, Windows Server 2012 R2.

Detection

Get the vulnerable file version and check appropriate patch is applied or not.

References

http://secunia.com/advisories/60983
http://www.osvdb.com/111149
https://technet.microsoft.com/library/security/MS14-054

Updated on 2015-03-25

Severity

Classification

CVE CVE-2014-4074

CVSS	Base Score: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C

Related Vulnerabilities

Microsoft MS03-034 security check
Microsoft Windows 'HTTP.sys' Denial of Service Vulnerability (2829254)
Microsoft Products HTML Sanitisation Component XSS Vulnerability (2741517)
Microsoft SQL Server Elevation of Privilege Vulnerability (2984340)
Microsoft .NET Framework Denial of Service Vulnerability (2990931)

Take action and discover your vulnerabilities