Update For Attacks Using Windows Service Isolation And TAPI

Microsoft issued a Security Advisory to inform customers of the potential attacks targeting Windows Service Isolation, a feature included into all supported Windows operating systems, including Windows 7 and Windows Server 2008 R2. "This advisory also offers a non-security update for one of the potential attack scenarios through Windows Telephony Application Programming Interfaces (TAPI).""According to […]

Microsoft issued a Security Advisory to inform customers of the potential attacks targeting Windows Service Isolation, a feature included into all supported Windows operating systems, including Windows 7 and Windows Server 2008 R2. "This advisory also offers a non-security update for one of the potential attack scenarios through Windows Telephony Application Programming Interfaces (TAPI)."

"According to Microsoft, a problem has been identified in the manner in which the NetworkService token can be received and leveraged in association with RPC calls, via the Windows Telephony Application Programming Interfaces (TAPI) transaction facility."

Microsoft stated this issue doesn't require a security bulletin to be patched, and that customers can already access an update that will bulletproof their systems against attacks.

Reference: SA (2264072) – Elevation of Privilege Using Windows Service Isolation Bypass