PT-2011-2034 · Microsoft · Malware Protection Engine+6
Publicado
2011-02-25
·
Atualizado
2017-08-17
·
CVE-2011-0037
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Malware Protection Engine versions prior to 1.1.6603.0
Microsoft Malicious Software Removal Tool (MSRT) (affected versions not specified)
Windows Defender (affected versions not specified)
Security Essentials (affected versions not specified)
Forefront Client Security (affected versions not specified)
Forefront Endpoint Protection 2010 (affected versions not specified)
Windows Live OneCare (affected versions not specified)
Description
The issue allows local users to gain privileges via a crafted value of an unspecified
user registry key.Recommendations
For Microsoft Malware Protection Engine version prior to 1.1.6603.0, update to version 1.1.6603.0 or later.
At the moment, there is no information about a newer version that contains a fix for this vulnerability for Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare.
Correção
RCE
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Forefront Client Security
Forefront Endpoint Protection 2010
Malicious Software Removal Tool
Malware Protection Engine
Security Essentials
Windows Defender
Windows Live Onecare