Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2010-3338 |
CWE-ID | CWE-264 |
Exploitation vector | Local |
Public exploit | This vulnerability is being exploited in the wild. |
Vulnerable software | Windows (Operating systems & Components / Operating system), Windows Server (Operating systems & Components / Operating system) |
Vendor | Microsoft |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU3075
Risk: Medium
CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Green]
CVE-ID: CVE-2010-3338
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
Description
The vulnerability allows a local user to obtain elevated privileges on a vulnerable system.
The vulnerability exists in Windows Task Scheduler when running scheduled tasks within the intended security context. A local user can create a specially crafted task and execute arbitrary code on the vulnerable system with the privileges of the local system account.
Successful exploitation of this vulnerability may allow a local user to obtain full access to the vulnerable system.
Note: this vulnerability is being actively exploited.
Mitigation
Install the update from the Microsoft website:
Windows Vista Service Pack 1 and Windows Vista Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=48F10251-34D8-4149-B4B2-BF3EC28F5846
Windows Vista x64 Edition Service Pack 1 and Windows Vista x64 Edition Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=099CCC5F-B92F-4D06-BCB5-92E35C49F613
Windows Server 2008 for 32-bit Systems and Windows Server 2008 for 32-bit Systems Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=BDC9564A-4091-4CDE-963A-239513DB6C17
Windows Server 2008 for x64-based Systems and Windows Server 2008 for x64-based Systems Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=DFF39BFE-0799-4912-AE22-392562178AE6
Windows Server 2008 for Itanium-based Systems and Windows Server 2008 for Itanium-based Systems Service Pack 2:
https://www.microsoft.com/downloads/details.aspx?familyid=CF341A35-32EA-4FF7-ACA9-1A4683C100EE
Windows 7 for 32-bit Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=CF85CDB6-58C7-4144-82F6-F01A6A4F9C3A
Windows 7 for x64-based Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=0597018D-39F5-4CA9-B437-63D9E68F264D
Windows Server 2008 R2 for x64-based Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=28C832FB-4937-4652-8799-EAB6C76D05FB
Windows Server 2008 R2 for Itanium-based Systems:
https://www.microsoft.com/downloads/details.aspx?familyid=3AD64D5C-2D81-4AC8-934E-8917B2FCF961
Windows: Vista - 7
Windows Server: 2008 R2 - 2008
https://technet.microsoft.com/library/security/ms10-092
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can only be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.