CVE-2015-0078

Name of the Vulnerable Software and Affected Versions Windows 8 versions 8 through 8.1 Windows 8.1 Windows Server 2012 Gold and R2 Windows RT Gold and 8.1

Description The issue is caused by the Windows kernel-mode driver's failure to properly validate the calling thread's token, allowing local users to gain privileges via a crafted application. An authenticated attacker who successfully exploits this issue could acquire administrator credentials and use them to elevate privileges, enabling the installation of programs, viewing, changing, or deleting data, or creating new accounts with full administrative rights. To exploit the issue, an attacker would first have to log on to the system.

Recommendations For Windows 8, update to a version that properly validates the token of a calling thread. For Windows 8.1, apply the necessary patch to fix the kernel-mode driver's validation issue. For Windows Server 2012 Gold and R2, ensure the kernel-mode driver is updated to correctly validate the calling thread's token. For Windows RT Gold and 8.1, apply the relevant security update to address the elevation of privilege vulnerability.