KLA10473
Code execution vulnerability in Microsoft products
Updated: 01/24/2020
Detect date
?
03/10/2015
Severity
?
Critical
Description

Lack of authentication control was found in Microsoft products. By exploiting this vulnerability malicious users execute arbitrary code. This vulnerability can be exploited remotely via a specially designed UNC share.

Affected products

Windows Server 2003 x86, x64, Itanium-based Service Pack 2
Windows Vista x86, x64 Service Pack 2
Windows Server 2008 x86, x64, Itanium-based Service Pack 2
Windows 7 x86, x64 service Pack 1
Windows Server 2008 R2 x64, Itanium-based Service Pack 1
Windows 8 x86, x64
Windows 8.1 x86, x64
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS advisory
CVE-2015-0008

Impacts
?
ACE 
[?]
Related products
Microsoft Windows Vista
Microsoft Windows Server 2012
Microsoft Windows 8
Microsoft Windows 7
Microsoft Windows Server 2008
Microsoft Windows Server 2003
Windows RT
CVE-IDS
?
CVE-2015-00088.3Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3000483