Aug 2019: Microsoft Defender Elevation of Privilege Vulnerability
CVE-2019-1161 Published on August 14, 2019

Microsoft Defender Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again. The update addresses the vulnerability and blocks the arbitrary deletion.

NVD

Products Associated with CVE-2019-1161

Want to know whenever a new CVE is published for Microsoft products? stack.watch will email you.

Microsoft Forefront Endpoint Protection 2010

Microsoft Security Essentials

Microsoft System Center Endpoint Protection

Microsoft System Center Endpoint Protection 2012

Microsoft Windows Defender

Affected Versions

Microsoft Forefront Endpoint Protection 2010:

Version N/A is affected.

Microsoft System Center Endpoint Protection:

Version N/A is affected.

Microsoft System Center 2012 R2 Endpoint Protection:

Version N/A is affected.

Microsoft Security Essentials:

Version N/A is affected.

Microsoft System Center 2012 Endpoint Protection:

Version N/A is affected.

Microsoft Windows Defender:

Version N/A is affected.

Exploit Probability

EPSS

0.56%

Percentile

67.97%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Aug 2019: Microsoft Defender Elevation of Privilege VulnerabilityCVE-2019-1161 Published on August 14, 2019

Products Associated with CVE-2019-1161

Affected Versions

Exploit Probability

Aug 2019: Microsoft Defender Elevation of Privilege Vulnerability
CVE-2019-1161 Published on August 14, 2019