MS15-050: Vulnerability in Service Control Manager Could Allow Elevation of Privilege (3055642)
Medium Nessus Plugin ID 83355
SynopsisThe remote Windows host is affected by a privilege escalation vulnerability.
DescriptionThe remote Windows host is affected by a privilege escalation vulnerability in Windows Service Control Manager (SCM) due to improper verification of impersonation levels. A local attacker can exploit this, via a specially crafted application, to escalate their privileges and make calls to SCM for which they lack sufficient privilege.
SolutionMicrosoft has released a set of patches for Windows Vista, 2008, 7, 2008 R2, 8, 2012, 8.1, and 2012 R2.