Kaspersky Threats

Kaspersky ID:

KLA10559

Detect Date:

04/14/2015

Updated:

04/02/2025

Description

Multiple improper impersonation levels handling were found in Microsoft products. By exploiting these vulnerabilities malicious users can gain privileges. These vulnerabilities can be exploited locally via a specially designed application.

Original advisories

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

CVE list

CVE-2015-1643
high
CVE-2015-1644
high

KB list

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!

Kaspersky ID:

KLA10559

Detect Date:

04/14/2015

Updated:

04/02/2025

Severity

critical

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Impacts

Privilege escalation. Exploitation of vulnerabilities with this impact can lead to performing by abuser actions, which are normally disallowed for current role.

Affected products

Windows Server 2003 x86, x64, Itanium Service Pack 2
Windows Server 2003 R2 x86, x64 Service Pack 2
Windows Vista x86, x64 Service Pack 2
Windows Server 2008 x86, x64, Itanium Service Pack 2
Windows Server 2008 R2 x64, Itanium Service Pack 1
Windows 8 x86, x64
Windows 8.1 x86, x64
Windows Server 2012
Windows Server 2012 R2
Windows RT
Windows RT 8.1

Privileges escalation in Microsoft products

Description

Original advisories

Exploitation

Related products

CVE list

KB list

Read more