The specific flaw exists within the handling of junction points in the Favorites folder linked to other folders. An attacker running code in the context of a low-rights Internet Explorer process can set up a junction point in the Favorites folder and then the IE broker process will change access control rights in the targeted folders (which are normally unmodifiable by the low-rights process). An attacker can leverage this vulnerability to execute code under the context of a medium integrity process.
Microsoft has issued an update to correct this vulnerability. More details can be found at:
|Ashutosh Mehra (https://twitter.com/ashutoshmehra)