CVE-2019-1161

Summary

An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again. The update addresses the vulnerability and blocks the arbitrary deletion.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Forefront Endpoint Protection 2010N/Aaffected
MicrosoftMicrosoft System Center Endpoint ProtectionN/Aaffected
MicrosoftMicrosoft System Center 2012 R2 Endpoint ProtectionN/Aaffected
MicrosoftMicrosoft Security EssentialsN/Aaffected
MicrosoftMicrosoft System Center 2012 Endpoint ProtectionN/Aaffected
MicrosoftWindows DefenderN/Aaffected

Weaknesses

  • Elevation of Privilege

ADP Enrichment

CVE Program Container

Additional References

References