Lucene search
K

51 matches found

The Hacker News
The Hacker News
added 2021/02/16 1:30 p.m.172 views

Learn How to Manage and Secure Active Directory Service Accounts

There are many different types of accounts in a typical Active Directory environment. These include user accounts, computer accounts, and a particular type of account called a service account. A service account is a special type of account that serves a specific purpose for services, and...

0.8AI score
Exploits0
OpenVAS
OpenVAS
added 2018/04/04 12:0 a.m.174 views

Microsoft Malware Protection Engine on Windows Defender RCE Vulnerability (Apr 2018)

This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 03-04-2018 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

9.3CVSS9.1AI score0.61482EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2018/04/04 12:0 a.m.1207 views

Microsoft Malware Protection Engine < 1.1.14700.5 RCE

The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.14700.5. It is, therefore, affected by a remote code execution vulnerability which could allow an attacker who successfully exploited this vulnerability to execute arbitrary code in the...

9.3CVSS9.2AI score0.61482EPSS
Exploits2References2
Microsoft CVE
Microsoft CVE
added 2018/04/03 7:0 a.m.45 views

Microsoft Malware Protection Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...

9.3CVSS2.2AI score0.61482EPSS
Exploits2
Veeam
Veeam
added 2018/01/04 12:0 a.m.15 views

The LocalSystem account cannot be changed during the Update installation process

Challenge The Update installation cannot be performed because it requires the LocalSystem password to continue and it does not provide an option to change an existing account in the installation Wizard. Cause Veeam ONE Monitor Server service is running under the LocalSystem account which cannot b...

7AI score
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2017/12/08 12:0 a.m.172 views

Microsoft Malware Protection Engine on Windows Defender Multiple RCE Vulnerabilities (Dec 2017)

This host is missing an important security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 12/06/2017 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

9.3CVSS7.6AI score0.28327EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2017/12/07 7:44 p.m.43 views

Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability

Microsoft has just released an emergency security patch to address a critical remote code execution RCE vulnerability in its Malware Protection Engine MPE that could allow an attacker to take full control of a victim's PC. Enabled by default, Microsoft Malware Protection Engine offers the core...

9.3CVSS8.2AI score0.28327EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2017/12/07 8:0 a.m.35 views

Microsoft Malware Protection Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...

9.3CVSS2.2AI score0.19759EPSS
Exploits0
ThreatPost
ThreatPost
added 2017/06/26 1:54 p.m.28 views

Another RCE Vulnerability Patched in Microsoft Malware Protection Engine

Google Project Zero continues to scrape away at the ubiquitous Microsoft Malware Protection Engine at the core of many security products embedded in Windows, and it continues to discover new critical vulnerabilities. The latest, another remote code execution flaw, was patched on Friday after it w...

9.3CVSS1.2AI score0.43588EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2017/06/23 7:0 a.m.35 views

Microsoft Malware Protection Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...

9.3CVSS2.2AI score0.43588EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/06/23 12:0 a.m.167 views

Microsoft Malware Protection Engine < 1.1.13903 RCE

The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.13903.0. It is, therefore, affected by a remote code execution vulnerability due to improper handling of files during scanning. An unauthenticated, remote attacker can exploit this, via a...

9.3CVSS8.2AI score0.43588EPSS
Exploits1References2
Microsoft CVE
Microsoft CVE
added 2017/05/25 7:0 a.m.35 views

Microsoft Malware Protection Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...

9.3CVSS2.2AI score0.50281EPSS
Exploits1
OpenVAS
OpenVAS
added 2017/05/17 12:0 a.m.112 views

Microsoft Security Essentials RCE Vulnerability (KB4022344)

This host is missing an important security update according to Microsoft KB4022344. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescripti...

9.3CVSS7.7AI score0.77207EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2017/05/09 12:0 a.m.557 views

MS Security Advisory 4022344: Security Update for Microsoft Malware Protection Engine

The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.13704.0. It is, therefore, affected by a remote code execution vulnerability in the NScript component in mpengine.dll due to a type confusion error. An unauthenticated, remote attacker can...

9.3CVSS8.8AI score0.77207EPSS
Exploits5References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.15 views

BakBone NetVault 7.1 - Local Privilege Escalation Exploit

No description provided by source. // ===== Start UnhideNetVaultServiceWindow.c ====== include stdio.h include windows.h int main void HWND hWnd; char szWindowName = C:\Program Files\BakBone Software\NetVault\bin\nvstatsmngr.exe; printf Finding window %s\n, szWindowName ; hWnd = FindWindow...

7.1AI score
Exploits0
Symantec
Symantec
added 2013/07/09 12:0 a.m.66 views

Microsoft Windows Defender CVE-2013-3154 Local Privilege Escalation Vulnerability

Description Microsoft Windows Defender is prone to a local privilege-escalation vulnerability. An attacker can exploit this issue to execute arbitrary code within the context of the LocalSystem account. Successfully exploiting this issue will result in the complete compromise of affected computer...

6.9CVSS2.5AI score0.01765EPSS
Exploits1Affected Software2
Tenable Nessus
Tenable Nessus
added 2013/05/14 12:0 a.m.11 views

Microsoft Security Essentials < v4.2 Local Privilege Escalation Vulnerability

Binary data 6818.prm...

7.3AI score
Exploits0References1
securityvulns
securityvulns
added 2013/05/06 12:0 a.m.37 views

Vulnerability in Microsoft Security Essentials &lt;v4.2

Hi @ll, versions of Microsoft Security Essentials before the current v4.2 see https://support.microsoft.com/kb/2805304 have a vulnerability that could lead to execution of arbitrary code in the security context of the LocalSystem account almost like https://support.microsoft.com/kb/2781197 alias...

3.5AI score
Exploits0
OpenVAS
OpenVAS
added 2013/04/10 12:0 a.m.14 views

Microsoft Antimalware Client Privilege Elevation Vulnerability (2823482)

This host is missing an important security update according to Microsoft Bulletin MS13-034. OpenVAS Vulnerability Test $Id: secpodms13-034.nasl 5339 2017-02-18 16:28:22Z cfi $ Microsoft Antimalware Client Privilege Elevation Vulnerability 2823482 Authors: Veerendra GG Copyright: Copyright c 2013...

7.2CVSS1.1AI score0.01806EPSS
Exploits0References3
securityvulns
securityvulns
added 2011/07/06 12:0 a.m.37 views

NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation

======= Summary ======= Name: Cisco VPN Client Privilege Escalation Release Date: 28 June 2011 Reference: NGS00051 Discoverer: Gavin Jones [email protected] Vendor: Cisco Vendor Reference: Systems Affected: Cisco VPN client Windows 64 Bit Risk: High Status: Fixed ======== TimeLine =======...

2.1AI score
Exploits0
Rows per page
Query Builder