CVE-2015-2554
published 2015-10-14CVE-2015-2554: The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges…
PriorityP336high7.2CVSS 2.0
AVLACLAuNCCICAC
EXPLOIT
EPSS
3.55%
87.9th percentile
The kernel in Microsoft Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 allows local users to gain privileges via a crafted application, aka "Windows Object Reference Elevation of Privilege Vulnerability."
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | windows_server_2008 | — | — |
| microsoft | windows_server_2012 | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation
exploitdb·2018-06-20·CVSS 7.2
CVE-2018-8208 [HIGH] Microsoft Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation
Microsoft Windows 10 - Desktop Bridge Activation Arbitrary Directory Creation Privilege Escalation
---
Windows: Desktop Bridge Activation Arbitrary Directory Creation EoP
Platform: Windows 10 1703, 1709 (not tested RS4)
Class: Elevation of Privilege
Summary: The activator for Desktop Bridge applications calls CreateAppContainerToken while running as a privileged account leading to creation of arbitrary object directories leading to EoP.
Description:
As much of the activation of Desktop Bridge applications require TCB privilege (such as creating the container) it’s delegated to the AppInfo service which runs as Local System. During post activation, either through RAiLaunchProcessWithIdentity or RAiFinishPackageActivation the API PostCreateProcessDesktopAppXActivation is called in daxexe
Exploit-DB
Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service / Privilege Escalation (MS15-111)
exploitdb·2015-10-30
CVE-2015-2554 Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service / Privilege Escalation (MS15-111)
Microsoft Windows - NtCreateLowBoxToken Handle Capture Local Denial of Service / Privilege Escalation (MS15-111)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=483
Windows: NtCreateLowBoxToken Handle Capture Local DoS/Elevation of Privilege
Platform: Windows 8.1 Update, Windows 10, Windows Server 2012
Class: Local Dos/Elevation of Privilege
Summary:
The NtCreateLowBoxToken API allows the capture of arbitrary handles which can lead to to local DoS or elevation of privilege.
Description:
The NtCreateLowBoxToken system call accepts an array of handles which are stored with the new token. This is presumably for maintaining references to the appcontainer specific object directories and symbolic links so that they do not need to be maintained anywhere else.
Talos
Microsoft Patch Tuesday - October 2015
blogs_talos·2015-10-13·CVSS 9.3
[CRITICAL] Microsoft Patch Tuesday - October 2015
## Microsoft Patch Tuesday - October 2015
Microsoft's Patch Tuesday has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is fairly light with a total of 6 bulletins released addressing 33 vulnerabilities. Half of the bulletins are rated "Critical" and address vulnerabilities in Internet Explorer, JScript/VBScript, and the Windows Shell. The other half of the bulletins are rated "Important" and address vulnerabilities in Edge, Office, and the Windows Kernel.
## Bulletins Rated Critical MS15-106, MS15-108, are MS15-109 are rated Critical in this month's release.
MS15-106 is this month's Internet Explorer security bulletin for versions 7 through 11. In total, 14 vulnerabil
Talos
Microsoft Patch Tuesday - October 2015
blogs_talos·2015-10-13·CVSS 9.3
[CRITICAL] Microsoft Patch Tuesday - October 2015
Microsoft's Patch Tuesday has arrived. Today, Microsoft has released their monthly set of security bulletins designed to address security vulnerabilities within their products. This month’s release is fairly light with a total of 6 bulletins released addressing 33 vulnerabilities. Half of the bulletins are rated "Critical" and address vulnerabilities in Internet Explorer, JScript/VBScript, and the Windows Shell. The other half of the bulletins are rated "Important" and address vulnerabilities in Edge, Office, and the Windows Kernel.
### Bulletins Rated Critical MS15-106, MS15-108, are MS15-109 are rated Critical in this month's release.
MS15-106 is this month's Internet Explorer security bulletin for versions 7 through 11. In total, 14 vulnerabilities were addressed with most of them bei
http://www.securityfocus.com/bid/76998http://www.securitytracker.com/id/1033805https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-111https://www.exploit-db.com/exploits/38580/http://www.securityfocus.com/bid/76998http://www.securitytracker.com/id/1033805https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-111https://www.exploit-db.com/exploits/38580/
2015-10-14
Published