Test Kennung:	1.3.6.1.4.1.25623.1.0.816864
Kategorie:	Windows
Titel:	Microsoft Defender Elevation of Privilege Vulnerability (Apr 2020)
Zusammenfassung:	This host is missing an important security; update according to Microsoft Security Updates released for Microsoft Malware; Protection Engine dated 23-09-2019
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 23-09-2019 Vulnerability Insight: The flaw exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. Vulnerability Impact: Successful exploitation will allow an attacker to run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again. Affected Software/OS: - Microsoft Windows Defender on Microsoft Windows 10 x32/x64 - Microsoft Windows Server 2019 - Microsoft Windows Server 2016 - Microsoft Windows 7 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2008 x32 - Microsoft Windows Server 2008 R2 x64 - Microsoft Windows Server 2012 - Microsoft Windows Server 2012 R2 Solution: Run the Windows Update to update the malware protection engine to the latest version available. Typically, no action is required as the built-in mechanism for the automatic detection and deployment of updates will apply the update itself. CVSS Score: 6.6 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1002 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1002
Copyright	Copyright (C) 2020 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.