*If your version of the Microsoft Malicious Software Removal Tool is equal to or greater than this version, then you are not affected by this vulnerability and do not need to take any further action. Last version of the Microsoft Malicious Software Removal Tool affected by this vulnerabilityįirst version of the Microsoft Malicious Software Removal Tool with this vulnerability addressed Advisory Detailsįor more information about this issue, see the following references: References The exact timeframe depends on the software used, Internet connection, and infrastructure configuration. Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malicious Software Removal Tool, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within 48 hours of release. An attacker could then install programs view, change, or delete data or create new accounts with full administrative rights.Īdministrators of enterprise installations should follow their established internal processes to ensure that updates are approved in their update management software, and that clients consume the updates accordingly. An authenticated attacker who successfully exploited the vulnerability could elevate privileges on a target system.
The vulnerability could allow elevation of privilege if an attacker logs on to a target system and places a specially crafted dynamic link library (.dll) file in a local directory. Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malicious Software Removal Tool (MSRT) is available that addresses a security vulnerability that was reported to Microsoft. In this article Vulnerability in Microsoft Malicious Software Removal Tool Could Allow Elevation of Privilege
0 kommentar(er)
