Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Vulnerability protection

Windows Defender vulnerability could allow escalation of privilege


Report ID: MS201307007
Date Published: 11 July 2013

Criticality: Important
Compromise Type: privilege-escalation
Compromise From: local-system


Affected Product/Component:

Windows Defender for Windows 7
Windows Defender installed on Windows Server 2008 R2




Summary

A vulnerability involving Windows Defender could allow an attacker to execute code with a LocalSystem account privileges and take complete control of an affected system.



Detailed Description

Microsoft has released a security update to address an escalation of privilege vulnerability reported in Windows Defender. The vulnerability was caused by improper use of pathnames when loading an affected version of the Windows Defender service. To exploit this vulnerability, the attacker must first log on to the local system and place a specially crafted application. Upon successful exploitation, the attacker would be able to execute code in the context of a LocalSystem account and proceed to take full control of the system.

This issue has been resolved in the update by correcting the pathnames used by Windows Defender for Windows 7. Users are recommended to install the update to their system as a protection measure against possible exploit attempts.



CVE Reference

CVE-2013-3154



Solution

Install the latest security patch for applicable system, available for download from (https://technet.microsoft.com/en-us/security/bulletin/ms13-058)



Security Advisories

For a list of known vulnerabilities affecting F-Secure products and the released fixes, please refer to the Security Advisories page.