I have recently discovered a bug in Avast Windows products (not CVE-2015-2032) that allows a local attacker to elevate his privileges and execute code as SYSTEM.
The details will be published in the near future, but in the meantime…

Enjoy,
kyREcon