Microsoft Security Advisory (2491888): Vulnerability in Microsoft Malware Protection Engine...

Discussion in 'Security Alerts' started by News, Aug 11, 2013.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,203
    Likes Received:
    20
    Revision Note: V1.1 (March 8, 2011): Revised advisory FAQ to announce updated version of the MSRT and added Forefront Security for Exchange Server to the list of non-affected software.
    Summary: Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key. An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users.

    Continue reading...
     

Share This Page

Loading...