CVE-2015-1758

Name of the Vulnerable Software and Affected Versions Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8 Microsoft Windows Server 2012 Microsoft Windows RT

Description The issue is related to an untrusted search path vulnerability in the LoadLibrary function in the kernel. This vulnerability allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. An elevation of privilege vulnerability exists when the LoadLibrary function fails to properly validate user input. An authenticated attacker who successfully exploits this vulnerability could elevate privileges on a targeted system, then install programs, view, change, or delete data, or create new accounts with full administrative rights.

Recommendations For Microsoft Windows Vista SP2, update to a fixed version to resolve the issue. For Microsoft Windows Server 2008 SP2 and R2 SP1, update to a fixed version to resolve the issue. For Microsoft Windows 7 SP1, update to a fixed version to resolve the issue. For Microsoft Windows 8, update to a fixed version to resolve the issue. For Microsoft Windows Server 2012, update to a fixed version to resolve the issue. For Microsoft Windows RT, update to a fixed version to resolve the issue. As a temporary workaround, consider restricting access to the LoadLibrary function until a patch is available. Avoid placing untrusted .dll files in local directories on the machine or on network shares to minimize the risk of exploitation.