CVE-2015-0001

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the patchday that contains the fix for this issue

Description A security feature bypass issue exists in the Windows Error Reporting (WER) component, allowing administrative users to bypass the Protected Process Light protection mechanism. This enables them to read the contents of arbitrary process-memory locations. An attacker who successfully exploits this issue could access the memory of a running process protected by Protected Process Light. The attacker must have valid logon credentials and be able to log on locally with administrator privileges to exploit this issue.

Recommendations For all affected versions, apply the patch from the patchday that contains the fix for this issue to resolve the security feature bypass vulnerability. As a temporary workaround, consider restricting administrative access to sensitive systems until the patch is applied.