ID de Prueba:	1.3.6.1.4.1.25623.1.0.813117
Categoría:	Windows
Título:	Microsoft Malware Protection Engine on Security Essentials RCE Vulnerability (Apr 2018)
Resumen:	This host is missing a critical security; update according to Microsoft Security Updates released for Microsoft Malware; Protection Engine dated 03-04-2018
Descripción:	Summary: This host is missing a critical security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 03-04-2018 Vulnerability Insight: The flaw exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. Vulnerability Impact: Successful exploitation will allow an attacker to execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights. Affected Software/OS: Microsoft Security Essentials. Solution: Run the Windows Update to update the malware protection engine to the latest version available. Typically, no action is required as the built-in mechanism for the automatic detection and deployment of updates will apply the update itself. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2018-0986 BugTraq ID: 103593 http://www.securityfocus.com/bid/103593 https://www.exploit-db.com/exploits/44402/ http://www.securitytracker.com/id/1040631
Copyright	Copyright (C) 2018 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.