KLA11537Privilege escalation vulnerability in Microsoft Defender

2019-08-13T00:00:00
ID KLA11537
Type kaspersky
Reporter Kaspersky Lab
Modified 2020-05-22T00:00:00

Description

Detect date:

08/13/2019

Severity:

High

Description:

An elevation of privilege vulnerability was found in Microsoft Defender. Malicious users can exploit this vulnerability via specially crafted command to gain privileges.

Affected products:

Microsoft System Center 2012 Endpoint Protection
Windows Defender
Microsoft Forefront Endpoint Protection 2010
Microsoft Security Essentials
Microsoft System Center Endpoint Protection
Microsoft System Center 2012 R2 Endpoint Protection

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

CVE-2019-1161

Impacts:

PE

Related products:

Windows Defender

CVE-IDS:

CVE-2019-11610.0Unknown

Microsoft official advisories: