Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Microsoft Security Essentials < v4.2 Local Privilege Escalation Vulnerability

High

Synopsis

The remote Windows machine appears to be running a version of Microsoft Security Essentials that is known to be vulnerable to a local privilege escalation vulnerability.

Description

The remote Windows machine appears to be running a version of Microsoft Security Essentials (an antimalware program) that is known to be vulnerable to a local privilege escalation vulnerability. Versions of Microsoft Security Essentials (MSE) earlier than 4.2 contain a vulnerability that could lead to execution of arbitrary code in the security context of the LocalSystem account. Successfully exploiting this issue will result in the complete compromise of affected computers, although this requires the attacker to obtain local interactive access to the target machine.

Solution

Upgrade to the latest version (v4.2 or later).