Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1769

Overview

Vulnerability Score 7.2 7.2
CVE Id CVE-2015-1769
Last Modified 14 Oct 2015 09:59:02
Published 14 Aug 2015 08:59:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2015-1769

Summary

Mount Manager in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, and Windows 10 mishandles symlinks, which allows physically proximate attackers to execute arbitrary code by connecting a crafted USB device, aka "Mount Manager Elevation of Privilege Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 10 -

  • Microsoft Windows 7 -

  • Microsoft Windows 8 -

  • Microsoft Windows 8.1 -

  • Microsoft Windows Rt -

  • Microsoft Windows Rt 8.1 -

  • Microsoft Windows Server 2008

  • Microsoft Windows Server 2008 R2

  • Microsoft Windows Server 2012 -

  • Microsoft Windows Server 2012 R2

  • Microsoft Windows Vista -


References

MS - MS15-085

CONFIRM - http://blogs.technet.com/b/srd/archive/2015/08/11/defending-against-cve-2015-1769-a-logical-issue-exploited-via-a-malicious-usb-stick.aspx

Related Patches

MS15-085 Security Update for Windows Server 2008 (KB3071756)

MS15-085 Security Update for Windows Vista (KB3071756)

MS15-085 Security Update for Windows Server 2008 x64 (KB3071756)

MS15-085 Security Update for Windows Vista x64 (KB3071756)


Last Updated: 27 May 2016 11:09:31