PT-2011-2034 · Microsoft · Malware Protection Engine+6
Published
2011-02-25
·
Updated
2017-08-17
·
CVE-2011-0037
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Microsoft Malware Protection Engine versions prior to 1.1.6603.0
Microsoft Malicious Software Removal Tool (MSRT) (affected versions not specified)
Windows Defender (affected versions not specified)
Security Essentials (affected versions not specified)
Forefront Client Security (affected versions not specified)
Forefront Endpoint Protection 2010 (affected versions not specified)
Windows Live OneCare (affected versions not specified)
Description
The issue allows local users to gain privileges via a crafted value of an unspecified
user registry key.Recommendations
For Microsoft Malware Protection Engine version prior to 1.1.6603.0, update to version 1.1.6603.0 or later.
At the moment, there is no information about a newer version that contains a fix for this vulnerability for Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Forefront Client Security
Forefront Endpoint Protection 2010
Malicious Software Removal Tool
Malware Protection Engine
Security Essentials
Windows Defender
Windows Live Onecare