Microsoft Fixes LPE Vulnerability Impacting Windows 7 and Server 2008


Microsoft quietly patched a local privilege escalation (LPE) flaw that affects both Windows 7 and Server 2008 R2 computers. This LPE flaw (which has yet to be assigned a CVE ID) is caused by a misconfiguration of two service registry keys, and it enables local attackers to escalate privileges on fully patched devices. 
On Windows 7 and Windows Server 2008R2, security researcher Clément Labro discovered that insecure permissions on the registry keys of the RpcEptMapper and DnsCache services enable attackers to trick the RPC Endpoint Mapper service into loading malicious DLLs. Attackers can execute arbitrary code in the sense of the Windows Management Instrumentation (WMI) service, which runs with LOCAL SYSTEM permissions, by leveraging this flaw. 

Read more…