Vulnerability Protection

Vulnerability in Winsock Could Allow Escalation of Privilege

Summary

A vulnerability involving Winsock in Microsoft Windows could, if successfully exploited, allow an attacker to gain escalated privileges on an affected system. 

Detailed Description


Microsoft has released a security update to address an escalation of privilege vulnerabilty involving Winsock in Microsoft Windows. The vulnerability exists when Winsock makes a call to a memory address without verifying the validity of the address. To successfully exploit the vulnerability, an attacker has to first log on to the target system and run a specially crafted code.

CVE Reference


  • CVE-2015-2478

Solution


Install the latest security patch for applicable systems, available for download from https://technet.microsoft.com/en-us/library/security/MS15-119

Source


Microsoft Security Bulletin MS15-119

Get Support

For documentation and product support, visit our support site.

Go Support

F-Secure Community

Give advice. Get advice. Share the knowledge on our free discussion forum.

Go Community