PT-2015-1067 · Microsoft · Windows

Published: 2015-04-14 · Updated: 2019-05-14 · CVE-2015-1644

CVSS v2.0: 7.2 (High)

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

Microsoft Windows versions prior to the fixed version

Description

The issue is related to improper validation and enforcement of impersonation levels, allowing local users to gain elevated privileges via a crafted application. This could enable an attacker to bypass security checks and acquire administrator credentials, potentially leading to the installation of programs, viewing, changing, or deleting data, and creating new accounts with full administrative rights. An estimated number of potentially affected devices is not provided.

Recommendations

For Microsoft Windows versions prior to the fixed version, consider restricting access to sensitive areas of the system to minimize the risk of exploitation until a patch is available. As a temporary workaround, consider disabling any features that rely on impersonation levels until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Weakness Enumeration

Related Identifiers

BDU:2015-09927
CVE-2015-1644

Affected Products

Windows