|25 Feb 2011||#1|
| || |
Microsoft fixes hole in its antivirus engine
February 24, 2011
Microsoft has plugged a hole in its antivirus and antispyware software that could allow an attacker authenticated on the local system to gain LocalSystem privileges.
The fix for the privilege escalation vulnerability is included in an update to the Microsoft Malware Protection Engine. Since the malware protection updates are automatically applied, most end users and administrators won't need to do anything, Microsoft said in its advisory, issued yesterday. The update should be applied within 48 hours of the advisory release, or by the weekend.
The vulnerability is rated "important" for Windows Live OneCare, Microsoft Security Essentials, Windows Defender, Microsoft Malicious Software Removal tool, Forefront Client Security, and Forefront Endpoint Protection 2010.
"The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid log-on credentials has created a specially crafted registry key," the advisory says. "An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users."
Workstations and terminal servers are primarily at risk, Microsoft said.
Microsoft fixes hole in its antivirus engine | InSecurity Complex - CNET News
|My System Specs|
|Similar help and support threads for2: Microsoft fixes hole in its antivirus engine|
|cant download fixes from microsoft||System Security|
|Microsoft Word Fixes||Software|
|Microsoft tool blocks attacks on Adobe Reader hole||System Security|
|Microsoft finally to close the VBScript hole in Interne||Security News|
|Microsoft to fix critical hole in IE||News|
|Microsoft Scrambling to Close Stubborn Security Hole||System Security|
|Microsoft fixes 28 flaws||Chillout Room|