MS14-054: Vulnerability in Windows Task Scheduler Could Allow Elevation of Privilege (2988948)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote Windows host is affected by a privilege escalation
vulnerability.

Description :

The remote Windows host is affected by a privilege escalation
vulnerability. The vulnerability is due to improperly conducted
integrity checks on tasks by Windows Task Scheduler. An authenticated
attacker can exploit this vulnerability to execute arbitrary code in
the context of the local system user.

See also :

https://technet.microsoft.com/library/security/ms14-054

Solution :

Microsoft has released a set of patches for Windows 8, 2012, 8.1, and
2012 R2.

Risk factor :

High / CVSS Base Score : 7.2
(CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 77574 ()

Bugtraq ID: 69593

CVE ID: CVE-2014-4074

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now