MS10-092 MS10-092 - Important: Vulnerability in Task Scheduler Could Allow Elevation of Privilege (2305420)
Important2010-12-14 Bulletin Severity Rating:Important - This security update resolves a publicly disclosed vulnerability in Windows Task Scheduler. The vulnerability could allow elevation of privilege if an attacker logged on to an affected system and ran a specially crafted application. An attacker must have valid logon credentials and be able to log on locally to exploit this vulnerability. The vulnerability could not be exploited remotely or by anonymous users.
Bulletin details at Microsoft.com
Bulletin details at Microsoft.com
Related CVE Entries
CVE-2010-3338
Public exploit
The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE: this might overlap CVE-2010-3888.
Max CVSS
7.2
EPSS Score
0.22%
Published
2010-12-16
Updated
2023-12-07