CVE-2015-2371

Name of the Vulnerable Software and Affected Versions Microsoft Windows Server 2003 SP2 and R2 SP2 Microsoft Windows Vista SP2 Microsoft Windows Server 2008 SP2 and R2 SP1 Microsoft Windows 7 SP1 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2012 Gold and R2 Microsoft Windows RT Gold and 8.1

Description An elevation of privilege issue exists in the Windows Installer service, allowing local users to gain privileges via a custom action script associated with a .msi package. This occurs when the service improperly runs custom action scripts. An attacker who successfully exploits this issue could elevate privileges on a targeted system, potentially installing programs, viewing, changing, or deleting data, or creating new accounts with full administrative rights.

Recommendations For Microsoft Windows Server 2003 SP2 and R2 SP2, consider restricting access to custom action scripts associated with .msi packages until a patch is available. For Microsoft Windows Vista SP2, avoid using custom action scripts with .msi packages to minimize the risk of exploitation. For Microsoft Windows Server 2008 SP2 and R2 SP1, temporarily disable the execution of custom action scripts by the Windows Installer service. For Microsoft Windows 7 SP1, restrict the use of .msi packages that utilize custom action scripts. For Microsoft Windows 8, Microsoft Windows 8.1, Microsoft Windows Server 2012 Gold and R2, and Microsoft Windows RT Gold and 8.1, consider implementing additional security measures to limit the impact of potential exploitation, such as limiting user privileges and monitoring system activity. At the moment, there is no information about a newer version that contains a fix for this vulnerability.