Description
Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.
Affected products
- Microsoft / forefront_client_security
- Microsoft / forefront_endpoint_protection_2010
- Microsoft / malicious_software_removal_tool
- Microsoft / malware_protection_engine1.1.6502.0
- Microsoft / malware_protection_engine0.1.13.192 – 0.1.13.192
- Microsoft / malware_protection_engine1.1.3520.0 – 1.1.3520.0
- Microsoft / security_essentials
- Microsoft / Windows Defender
- Microsoft / windows_live_onecare
References
- MISChttp://www.microsoft.com/technet/security/advisory/2491888.mspx
- VENDOR_ADVISORYhttp://secunia.com/advisories/43468
- MISChttp://www.securityfocus.com/bid/46540
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2011/0486
- MISChttp://securitytracker.com/id?1025117
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/65626