MS15-133: Security Update for Windows PGM to Address Elevation of Privilege (3116130)
High Nessus Plugin ID 87262
SynopsisThe remote Windows host is affected by an elevation of privilege vulnerability.
DescriptionThe remote Windows host is missing a security update. It is, therefore, affected by an elevation of privilege vulnerability in the Pragmatic General Multicast (PGM) protocol, installed with the MSMQ service, due to a race condition that can result in references being made to already freed memory. An local attacker can exploit this, via a specially crafted application, to gain elevated privileges on the affected host.
SolutionMicrosoft has released a set of patches for Vista, 2008, 7, 2008 R2, 8, RT, 2012, 8.1, RT 8.1, 2012 R2, and 10.