‫ Microsoft Products Malware Protection Engine File Parsing Vulnerability

IRCAD2013052685
ID: IRCAD2013052685
Release Date: 2013-05-15
Criticality level: Highly critical
 
Software:
Microsoft Forefront Client Security
Microsoft Forefront Endpoint Protection 2010
Microsoft Forefront Security for SharePoint
Microsoft Security Essentials 2.x
Microsoft Security Essentials 4.x
Microsoft System Center 2012 Endpoint Protection
Microsoft Windows Defender
Microsoft Windows Intune
Microsoft Windows Malicious Software Removal Tool 4.x
 
Description:
A vulnerability has been reported in multiple Microsoft products, which can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is caused due to an unspecified error when parsing certain files and can be exploited to cause memory corruption.
Successful exploitation may allow execution of arbitrary code.
 
Solution
Ensure that systems are running version 1.1.9506.0 or later of Microsoft Malware Protection Engine.
 
References:
Microsoft (KB2846338):
 
Secunia:
 
 

نظرات

بدون نظر
شما برای نظر دادن باید وارد شوید

نوشته

 
تاریخ ایجاد: 28 اردیبهشت 1392

امتیاز

امتیاز شما
تعداد امتیازها:0