MS15-011: Vulnerability in Group Policy Could Allow Remote Code Execution (3000483)
High Nessus Plugin ID 81264
SynopsisThe remote Windows host is affected by a remote code execution vulnerability.
DescriptionThe remote Windows host is affected by a remote code execution vulnerability due to how the Group Policy service manages policy data when a domain-joined system connects to a domain controller. An attacker, using a controlled network, can exploit this to gain complete control of the host.
Note that Microsoft has no plans to release an update for Windows 2003 even though it is affected by this vulnerability.
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.