Detections
Analytics

Microsoft EMET < 5.5 Security Bypass Vulnerability

high Nessus Plugin ID 88955

Language:

Synopsis

A toolkit for mitigating security vulnerabilities is affected by a security bypass vulnerability.

Description

The version of Microsoft Enhanced Mitigation Experience Toolkit (EMET) installed on the remote host is prior to 5.5. It is, therefore, affected by a vulnerability that allows a remote attacker to disable EMET, bypass its protection, and take control of the affected system.

Solution

Upgrade to Microsoft EMET version 5.5.

See Also

http://www.nessus.org/u?31839e8e

http://www.nessus.org/u?28c790ab

Plugin Details

Severity: High

ID: 88955

File Name: microsoft_emet_5_5.nasl

Version: 1.3

Type: local

Agent: windows

Family: Windows

Published: 2/25/2016

Updated: 6/3/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:microsoft:enhanced_mitigation_experience_toolkit

Required KB Items: SMB/Microsoft/EMET/Path

Patch Publication Date: 2/23/2016

Vulnerability Publication Date: 2/23/2016

Reference Information

IAVA: 2016-A-0054-S