2 matches found
CVE-2015-2418
CVE-2015-2418 concerns a race condition in Microsoft Malicious Software Removal Tool (MSRT) prior to 5.26 that lets an authenticated local user escalate privileges by placing a crafted DLL in a local directory. The vulnerability stems from how MSRT loads DLLs, enabling privilege elevation when th...
CVE-2011-0037
CVE-2011-0037 affects Microsoft Malware Protection Engine (MMPE) prior to 1.1.6603.0, used in MSRT, Windows Defender, Security Essentials, Forefront products, and related tools. The vulnerability allows local privilege escalation through a crafted value of an unspecified user registry key. The do...