#windows

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

**How could an attacker exploit this vulnerability?** An unauthenticated attacker could send a specially crafted request to a vulnerable LDAP server. Successful exploitation could result in bypassing a buffer length check which could be leveraged to achieve information leak.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain specific limited SYSTEM privileges.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could impersonate the group Managed Service Account (gMSA) to perform actions or access resources over the network.

**According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?** Successful exploitation of this vulnerability requires an attacker to win a race condition.

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.

**What privileges could be gained by an attacker who successfully exploited the vulnerability?** An attacker who successfully exploited this vulnerability could gain SYSTEM privileges.

In SAP Host Agent (Windows) - versions 7.21, 7.22, an attacker who gains local membership to SAP_LocalAdmin could be able to replace executables with a malicious file that will be started under a privileged account. Note that by default all user members of SAP_LocaAdmin are denied the ability to logon locally by security policy so that this can only occur if the system has already been compromised.

Categories: News Tags: Windows 7 end of ESU Tags: Extended Security Updates Tags: ESU Tags: Microsoft ESU Tags: ESU program Tags: WIndows 8.1 Tags: Windows Server 2008/R2 Tags: NVIDIA Tags: Google Chrome Tags: Chrome Microsoft will cease supporting Windows 7 and Windows 8.1 all together, as well as Windows Server 2008/R2. (Read more...) The post Microsoft ends extended support for Windows 7 and Windows Server 2008 today appeared first on Malwarebytes Labs.