Microsoft Defender Elevation of Privilege Vulnerability

2019-10-09T07:00:00
ID MS:CVE-2019-1255
Type mscve
Reporter Microsoft
Modified 2019-10-09T07:00:00

Description

An elevation of privilege vulnerability exists when Microsoft Defender improperly handles files. An attacker could exploit the vulnerability to overwrite the discretionary access control list (DACL) for a file.

To exploit the vulnerability, an attacker would first require execution on the victim system.

The security update addresses the vulnerability by ensuring Microsoft Defender properly handles files.