SecurityHome.eu MS14-049 - Important: Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (2962490)

Home / bulletins

MS14-049 - Important: Vulnerability in Windows Installer Service Could Allow Elevation of Privilege (2962490) - Version: 1.1
Posted on 21 August 2014
There is an newer version: MS14-049 - Version: 1.2
Important
Severity Rating: Important
Revision Note: V1.1 (August 20, 2014): Bulletin revised to add prerequisite information for customers running Windows Server 2003 who install updates manually. See Update FAQ for more information.
Summary: This security update resolves a privately disclosed vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application that attempts to repair a previously-installed application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability.
Link
Other versions
MS14-049 - Version: 1.0
MS14-049 - Version: 1.1
MS14-049 - Version: 1.2

TOP

Bulletins :

4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 2.0 -
4056318 - Guidance for securing AD DS account used by Azure AD Connect for directory synchronization - Version: 1.0 -
4053440 - Securely opening Microsoft Office documents that contain Dynamic Data Exchange (DDE) fields - Version: 1.0 -
MS14-085 - Important: Vulnerability in Microsoft Graphics Component Could Allow Information Disclosure (3013126) - 1.1
MS16-JUL Security Bulletin Summary for July 2016 - 2.0

Last 20

Exploits :

Customer Support System 1.0 Cross Site Scripting
Xhibiter NFT Marketplace 1.10.2 SQL Injection
WordPress WPCode Lite 2.1.14 Cross Site Scripting
Azon Dominator Affiliate Marketing Script SQL Injection
Simple Laboratory Management System 1.0 SQL Injection

Last 20