Oval Definition:oval:org.mitre.oval:def:29280
Revision Date:2015-12-22Version:44
Title:Windows DLL remote code execution vulnerability - CVE-2015-2368 (MS15-069)
Description:Untrusted search path vulnerability in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Windows DLL Remote Code Execution Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2015-2368
Platform(s):Microsoft Windows 7
Microsoft Windows 8.1
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012 R2
Product(s):
Definition Synopsis
  • Win 7 / R2 and vulnerable file version
  • Win 7 / R2
  • Microsoft Windows 7 (32-bit) is installed
  • OR Microsoft Windows 7 x64 Edition is installed
  • OR Microsoft Windows Server 2008 R2 x64 Edition is installed
  • AND Check if the version of wksprt.exe is less than 6.3.9600.17901
  • OR Win 8.1 (x86) and vulnerable file version
  • Microsoft Windows 8.1 (x86) is installed
  • AND Check if the version of atlthunk.dll is less than 6.3.9600.17415
  • OR Windows 8.1/2k12 R2(64 bit) and vulnerable file version
  • Win 8.1/2k12 R2 (x64)
  • Microsoft Windows 8.1 (x64) is installed
  • OR Microsoft Windows Server 2012 R2 is installed
  • AND Check if the version Atlthunk.dll is less than 6.3.9600.17670 (SysWow64)
    • BACK