Microsoft Windows MS-DOS Device Name Privilege Escalation Exploit(MS15-038)

An elevation of privilege vulnerability exists when Windows kernel does not properly constrain impersonation levels. The vulnerability occurs because a user can place symlinks for the system drives in the per-login session device map and the kernel will follow them during impersonation. An attacker who successfully exploited this vulnerability may, for example, redirect a call to LoadLibrary, from a system service (when impersonating), to an arbitrary location.
Exploit type: 
Platform: 
Vulnerabilty ID: 
CVE-2015-1644
Product Version: 
2014_R2
Released Date: 
Friday, October 16, 2015 - 00:00