Local Privilege Escalation Flaw in Microsoft Security Software
CVE-2011-0037

Currently unrated

Key Information:

Vendor: Microsoft
Status: Forefront Client Security; Windows Defender; Malware Protection Engine; Forefront Endpoint Protection 2010
Vendor: CVE Published:; 25 February 2011

Summary

A vulnerability in the Microsoft Malware Protection Engine allows local users to gain elevated privileges by manipulating a user registry key value. This flaw affects several Microsoft security products, enabling potential exploitation of systems running outdated versions of the engine. Users are encouraged to update to the latest version to mitigate risks associated with this issue.

References

http://www.microsoft.com/technet/security/advisory/249188...

x_refsource_CONFIRM

http://secunia.com/advisories/43468

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/46540

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Feb 25, 2011
Vulnerability Reserved
Dec 10, 2010