An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.
To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted command that could exploit the vulnerability and delete protected files on an affected system once MpSigStub.exe ran again.
The update addresses the vulnerability and blocks the arbitrary deletion.
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1161 | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: microsoft
Published: 2019-08-14T20:55:03
Updated: 2024-05-29T16:50:53.510Z
Reserved: 2018-11-26T00:00:00
Link: CVE-2019-1161
JSON object: View
NVD Information
Status : Modified
Published: 2019-08-14T21:15:15.580
Modified: 2024-05-29T17:16:04.430
Link: CVE-2019-1161
JSON object: View
Redhat Information
No data.
CWE