CVE-2019-1161

Published: Aug 14, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again. The update addresses the vulnerability and blocks the arbitrary deletion.

Vendor	Product	Versions
Microsoft	Microsoft Forefront Endpoint Protection 2010	affected `N/A`
Microsoft	Microsoft System Center Endpoint Protection	affected `N/A`
Microsoft	Microsoft System Center 2012 R2 Endpoint Protection	affected `N/A`
Microsoft	Microsoft Security Essentials	affected `N/A`
Microsoft	Microsoft System Center 2012 Endpoint Protection	affected `N/A`
Microsoft	Windows Defender	affected `N/A`

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1161

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-1161

Description

Affected Products

References