CVE-2014-2781

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the patchday that contains the fix for the issue

Description The issue allows attackers to bypass intended access restrictions by leveraging control over a low-integrity process to launch the On-Screen Keyboard (OSK) and then upload a crafted application. This could allow a local elevation of privilege.

Recommendations For all affected versions, consider disabling the On-Screen Keyboard (OSK) as a temporary workaround until a patch is available. Restrict access to low-integrity processes to minimize the risk of exploitation.