MS.Windows.Task.Scheduler.Privilege.Elevation
Description
This indicates a local authenticated vulnerability in the Windows task scheduler that can lead to code execution in SYSTEM context.
This vulnerability exploited in the wild in July 2010 by the Stuxnet worm.
Affected Products
Microsoft Windows 7
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Standard Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Storage Server 2003
Microsoft Windows Vista
Microsoft Windows XP Home Edition
Microsoft Windows XP Professional
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the patch supplied by the vendor:
http://www.microsoft.com/technet/security/bulletin/ms10-092.mspx
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |