The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability." NOTE: this might overlap CVE-2010-3888.
| Product | CPU Architecture | Version | Update | Tested |
|---|---|---|---|---|
| Windows 7 | ||||
| Windows Server 2008 | SP2 | ✔ | ||
| Windows Server 2008 | ||||
| Windows Server 2008 | R2 | |||
| Windows Vista | SP1 | |||
| Windows Vista | SP2 |
Test system Windows Server 2008 SP2 x86,Using the MSF to execute the following command, the X64 version MSF does not support
use exploit/windows/local/ms10_092_schelevator
set SESSION 2
run
Then it will be successful.
