MS15-015: Vulnerability in Microsoft Windows Could Allow Elevation of Privilege (3031432)
High Nessus Plugin ID 81268
SynopsisThe remote Windows host is affected by a privilege escalation vulnerability.
DescriptionThe remote Windows host is affected by a privilege escalation vulnerability due to improper validation of the authorization of a caller's impersonation token when the caller's process uses SeAssignPrimaryTokenPrivilege. A local attacker, using a specially crafted program, can bypass the authorization check, resulting in an escalation of privileges.
SolutionMicrosoft has released a set of patches for Windows 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.