Update for Windows 8 (KB3025417)

Install this update to improve protection functionality in Windows Defender. See the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

Microsoft Windows Defender ActiveX Heap Overflow PoC

No description provided by source. Exploits title :Microsoft Windows Defender ActiveX Heap Overflow PoC tested on :windows 7 Microsoft Windows Defender html object classid='clsid:07DD3249-A591-4949-8F20-09CD347C69DC' id='target' /object script language='vbscript' targetFile = C:\Program...

MS Security Advisory 2974294: Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service

A vulnerable version of Microsoft Malware Protection Engine MMPE is installed on the remote host. Scanning a maliciously crafted file could prevent the Malware Protection Engine from monitoring affected systems until the file is manually removed and the service is restarted. This plugin checks if...

Microsoft Malware Protection Engine Denial of Service Bug

Microsoft today released a security advisory alerting users of a serious vulnerability in the antimalware engine present in a number of security products, including Windows Defender, Forefront and others. The update will be automatically pushed down to the Microsoft Malware Protection Engine in t...

Microsoft Releases Security Advisory for Microsoft Malware Protection Engine

Microsoft has released a security advisory to address a vulnerability to the Microsoft Malware Protection Engine. Successful exploitation of the vulnerability could allow an attacker to cause a denial of service. An update is available for the following affected software: Microsoft Forefront Clie...

3 6 0 safety guard is closed vulnerability analysis-vulnerability warning-the black bar safety net

3 6 0 safety guard is closed the vulnerability analysis and testing environment for 3 6 0 security guards 9. 0, the latest version of Security Defender has to fix this vulnerability Phenomenon A Trojan can shut down 3 6 0 security guards, through reverse analysis found that the Trojan horse just...

Microsoft Windows multiple security vulnerabilities

Multiple vulnerabilities in .Net and Silverlight, multiple kernel components vulnerabilities, GDI+ TrueType parsing memory corruption, DirectShow memory corruption, VMW parsing memory corruption, multiple Internet Explorer memory corruption, Windows Defender privilege escalation...

CVE-2013-3154

The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper...

Improper access control

The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper...

CVE-2013-3154

CVE-2013-3154 affects Windows Defender on Windows 7 and Windows Server 2008 R2. The issue is caused by an incorrect pathname used by the signature-update functionality, enabling local users to gain privileges via a Trojan horse in the %SYSTEMDRIVE% top-level directory. A successful exploit allows...

CVE-2013-3154

The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper...

Microsoft Windows Defender本地权限提升漏洞(CVE-2013-3154)(MS13-058)

BUGTRAQ ID: 60981 CVECAN ID: CVE-2013-3154 Windows Defender内置于Windows 8 和Windows RT 中，可以帮助实时保护电脑不受病毒、间谍软件和其它恶意软件的侵害。 Microsoft Windows 7 Defender在处理不正确的路径名称时存在安全漏洞，成功利用此漏洞的攻击者可以在 LocalSystem 帐户的安全上下文中执行任意代码并完全控制系统。攻击者可随后安装程序；查看、更改或删除数据；或者创建拥有完全用户权限的新帐户。攻击者必须拥有有效的登录凭据才能利用此漏洞。匿名用户无法利用此漏洞。 0 Microso...

Microsoft Windows Defender Privilege Elevation Vulnerability (2847927)

This host is missing an important security update according to Microsoft Bulletin MS13-058. OpenVAS Vulnerability Test $Id: secpodms13-058.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft Windows Defender Privilege Elevation Vulnerability 2847927 Authors: Antu Sanadi Copyright: Copyright c 2013...

Microsoft Windows Defender Privilege Elevation Vulnerability (2847927)

This host is missing an important security update according to Microsoft Bulletin MS13-058. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS13-058: Vulnerability in Windows Defender Could Allow Elevation of Privilege (2847927)

The remote host has a version of Windows Defender installed that is affected by a privilege escalation vulnerability. An attacker with valid login credentials who successfully exploits this vulnerability can execute arbitrary code with SYSTEM privileges. C Tenable Network Security, Inc...

Microsoft Windows Defender CVE-2013-3154 Local Privilege Escalation Vulnerability

Description Microsoft Windows Defender is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the LocalSystem account. Successfully exploiting this issue will result in the complete compromise of affected computer...

July 2013 Microsoft Patch Tuesday Security Updates

A critical Windows kernel vulnerability, publicly disclosed in May by a Google security engineer, will be patched tomorrow when Microsoft releases its July Patch Tuesday security updates. Tavis Ormandy, who has controversially disclosed Windows vulnerability details in the past, made a posting to...

MS Security Advisory 2846338: Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution

A vulnerable version of Microsoft Malware Protection Engine MMPE is installed on the remote host. Scanning a maliciously crafted file can result in arbitrary code execution. This plugin checks if a vulnerable version of MMPE is being used by any of the following applications : - Microsoft Forefro...

SolarWinds Log & Event Manager for Log Management and SEIM Security

SolarWinds® Log & Event Manager LEM, a full-function Security & Information Event Management SIEM solution, delivers powerful log management capabilities in a highly affordable, easy-to-deploy virtual appliance. SolarWinds LEM combines real-time log analysis, event correlation, and a groundbreaki...

Quest Defender Desktop Login Component Unspecified Vulnerability

The version of Quest Defender Desktop Login Component installed on the remote Windows host is prior to 5.7.0.4278. It is, therefore, potentially affected by an unspecified security vulnerability according to Quest knowledge base article SOL104608. C Tenable Network Security, Inc...