ID de Prueba:	1.3.6.1.4.1.25623.1.0.816864
Categoría:	Windows
Título:	Microsoft Defender Elevation of Privilege Vulnerability (Apr 2020)
Resumen:	This host is missing an important security; update according to Microsoft Security Updates released for Microsoft Malware; Protection Engine dated 23-09-2019
Descripción:	Summary: This host is missing an important security update according to Microsoft Security Updates released for Microsoft Malware Protection Engine dated 23-09-2019 Vulnerability Insight: The flaw exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations. Vulnerability Impact: Successful exploitation will allow an attacker to run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again. Affected Software/OS: - Microsoft Windows Defender on Microsoft Windows 10 x32/x64 - Microsoft Windows Server 2019 - Microsoft Windows Server 2016 - Microsoft Windows 7 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2008 x32 - Microsoft Windows Server 2008 R2 x64 - Microsoft Windows Server 2012 - Microsoft Windows Server 2012 R2 Solution: Run the Windows Update to update the malware protection engine to the latest version available. Typically, no action is required as the built-in mechanism for the automatic detection and deployment of updates will apply the update itself. CVSS Score: 6.6 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-1002 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1002
Copyright	Copyright (C) 2020 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.