The specific flaw exists within the edit_lf_process resource of the Reprise License Manager service. The issue lies in the ability to write arbitrary files with controlled data. An attacker could leverage this vulnerability to execute arbitrary code under the context of SYSTEM. This update introduces more accurate information about vulnerable targets.
Wednesday, April 27, 2016 - 00:00