Microsoft Security Essentials < v4.2 Local Privilege Escalation Vulnerability

High Nessus Network Monitor Plugin ID 6818

Synopsis

The remote Windows machine appears to be running a version of Microsoft Security Essentials that is known to be vulnerable to a local privilege escalation vulnerability.

Description

The remote Windows machine appears to be running a version of Microsoft Security Essentials (an antimalware program) that is known to be vulnerable to a local privilege escalation vulnerability. Versions of Microsoft Security Essentials (MSE) earlier than 4.2 contain a vulnerability that could lead to execution of arbitrary code in the security context of the LocalSystem account. Successfully exploiting this issue will result in the complete compromise of affected computers, although this requires the attacker to obtain local interactive access to the target machine.

Solution

Upgrade to the latest version (v4.2 or later).

See Also

http://seclists.org/fulldisclosure/2013/May/10

Plugin Details

Severity: High

ID: 6818

Family: Web Clients

Published: 2013/05/14

Modified: 2016/02/05

Dependencies: 1735, 8314

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.2

Temporal Score: 5.3

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:ND

CVSSv3

Base Score: 8.4

Temporal Score: 7.3

Vector: CVSS3#AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:U/RL:O/RC:X

Vulnerability Information

Patch Publication Date: 2013/02/13

Vulnerability Publication Date: 2013/05/04

Reference Information

BID: 59645