MS15-028: Vulnerability in Windows Task Scheduler Could Allow Security Feature Bypass (3030377)
High Nessus Plugin ID 81742
SynopsisThe remote Windows host is affected by a security bypass vulnerability.
DescriptionThe remote Windows host is affected by a security bypass vulnerability due to Windows Task Scheduler not properly validating and enforcing impersonation levels. Attackers can exploit this flaw to elevate privileges in order to execute files they have no permission to run.
SolutionMicrosoft has released a set of patches for Windows 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.