Home / bulletins MS09-015 – Moderate: Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426) - Version:1.1
Posted on 15 April 2009
There is an newer version: MS09-015 - Version: 1.1
ModerateSeverity Rating: Moderate - Revision Note: V1.1 (April 15, 2009): Added FAQs in the section, Frequently Asked Questions (FAQ) Related to This Security Update as well as in the Vulnerability section for CVE-2008-2540 to explain the relationship between CVE-2008-2540 in this bulletin and in MS09-014. Also added Microsoft Knowledge Base Article 959426 as a reference for instructions in implementing SetSearchPathMode in Microsoft Windows 2000.Summary: This security update resolves a publicly disclosed vulnerability in the Windows SearchPath function that could allow elevation of privilege if a user downloaded a specially crafted file to a specific location, then opened an application that could load the file under certain circumstances.
Other versions
- MS09-015 - Version: 1.0
- MS09-015 - Version: 1.1
- MS09-015 - Version: 1.1
