Denial of Service Vulnerability in Microsoft Defender
CVE-2019-1255

7.5HIGH

Key Information:

Vendor: Microsoft
Status: Microsoft Security Essentials; Microsoft System Center; Microsoft Forefront Endpoint Protection; Windows Defender On Windows 7 For 32-bit Systems
Vendor: CVE Published:; 23 September 2019

Summary

A denial of service vulnerability has been identified in Microsoft Defender, where improper handling of files can lead to system instability and interruptions in service. This issue could allow attackers to exploit the vulnerability, resulting in decreased performance or complete disruption of the Defender's functionality.

Affected Version(s)

Microsoft Forefront Endpoint Protection 2010

Microsoft Security Essentials = unspecified

Microsoft System Center 2012 Endpoint Protection

References

https://portal.msrc.microsoft.com/en-US/security-guidance...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 23, 2019
Vulnerability Reserved
Nov 26, 2018