CVE-2015-2363

Name of the Vulnerable Software and Affected Versions Windows Server 2003 SP2 and R2 SP2 Windows Vista SP2 Windows Server 2008 SP2 and R2 SP1 Windows 7 SP1 Windows 8 Windows 8.1 Windows Server 2012 Windows RT

Description The issue is related to insufficient access restrictions to certain functions in the win32k.sys driver of the Windows operating system. Exploitation of this issue can allow a local attacker to elevate privileges using a specially crafted application. The vulnerability exists due to the way the Windows kernel-mode driver handles objects in memory, potentially allowing an attacker to run arbitrary code in kernel mode. This could enable the attacker to install programs, view, change, or delete data, or create new accounts with full user rights. To exploit this issue, an attacker would first need to log on to the system.

Recommendations For Windows Server 2003 SP2 and R2 SP2, consider applying security updates to resolve the issue. For Windows Vista SP2, apply the latest security patches to fix the vulnerability. For Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012, and Windows RT, update to the latest version of the operating system or apply specific security updates to address the issue. As a temporary workaround, consider restricting access to the win32k.sys driver until a patch is available.