Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege
Description:This security update resolves a publicly disclosed vulnerability in the Windows SearchPath function that could allow elevation of privilege if a user downloaded a specially crafted file to a specific location, then opened an application that could load the file under certain circumstances. The security update addresses the vulnerability by modifying the way that Windows loads files from the desktop.
Update type: Moderate
Release date: April 14, 2009
Applies to: All versions
Knowledge base: http://support.microsoft.com/kb/959426
- Blended Threat Elevation of Privilege Vulnerability – CVE-2008-2540
For more information on this issue, including potential causes, workarounds, and resolutions, see: Microsoft KB Article KB959426.