Threat Encyclopedia

Vulnerability in Group Policy Preferences Could Allow Elevation of Privilege

Description

These vulnerabilites have following impacts: Elevation of Privilege. An attacker who successfully exploited Elevation of Privilege vulnerability would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerabilities and take control over an affected system.

Analysis

This security update resolves a publicly disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if Active Directory Group Policy preferences are used to distribute passwords across the domain - a practice that could allow an attacker to retrieve and decrypt the password stored with Group Policy preferences.

Affected Products

Windows 7
Windows Server 2008 R2
Windows 8
Windows 8.1
Windows Server 2012
Windows Server 2012 R2

CVE References

CVE-2014-1812