MS15-008: Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege (3019215)
Medium Nessus Plugin ID 80497
SynopsisThe remote Windows host is affected by a privilege escalation vulnerability.
DescriptionThe remote Windows host is affected by a privilege escalation vulnerability in the WebDAV kernel-mode driver due to a failure to properly validate and enforce impersonation levels. This allows a local attacker to bypass impersonation-level security and gain elevated privileges, including the ability to intercept and alter WebDAV requests.
SolutionMicrosoft has released a set of patches for Windows 2003, Vista, 2008, 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.