Consent User Interface local privilege escalation vulnerability - MS10-100ID: oval:org.secpod.oval:def:1273 | Date: (C)2011-06-24 (M)2023-12-14 |
Class: PATCH | Family: windows |
The host is missing a critical security update according to Microsoft security bulletin, MS10-100. The update is required to fix local privilege escalation vulnerability. A flaw is present in the Consent User Interface (UI) in User Account Control (UAC), which fails to handle an unspecified registry-key value. Successful exploitation could allow an attacker to execute arbitrary code and gain privileges via a crafted application.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Vista |