There has been found a race condition vulnerability in the Microsoft Windows MsiAdvertiseProduct function. By exploiting the vulnerability an autheticated attackaer can get elevated privilege to read protected files. Exploit for this vulnerability is publicly available.
Currently there is no fix available for the vulnerability. More information in CERT/CC vulnerability note here.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment