Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

Microsoft Defender Elevation of Privilege Vulnerability-July 2020

Severity

Low

Family

Windows

CVSSv2 Base

3.6

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:P/A:P

Solution Type

Vendor Patch

Created

3 years ago

Modified

3 years ago

This host is missing an important security update according to Microsoft July-2020 monthly updates.

Insight

The flaw exists due to an error in MpSigStub.exe for Defender which allows file deletion in arbitrary locations.

Affected Software

- Microsoft Windows Defender on Microsoft Windows 10 x32/x64 - Microsoft Windows Server 2019 - Microsoft Windows Server 2016 - Microsoft Windows 7 x32/x64 - Microsoft Windows 8.1 x32/x64 - Microsoft Windows Server 2008 x32 - Microsoft Windows Server 2008 R2 x64 - Microsoft Windows Server 2012 - Microsoft Windows Server 2012 R2

Detection Method

Checks if a vulnerable version is present on the target host.

Solution

Run the Windows Update to update the malware protection engine to the latest version available. Typically, no action is required as the built-in mechanism for the automatic detection and deployment of updates will apply the update itself.

Common Vulnerabilities and Exposures (CVE)

CVE-2020-1461

References

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

Microsoft Defender Elevation of Privilege Vulnerability-July 2020

Information

Severity

Severity

Family

Family

CVSSv2 Base

CVSSv2 Base

CVSSv2 Vector

CVSSv2 Vector

Solution Type

Solution Type

Created

Created

Modified

Modified

Share

Summary

Insight

Insight

Affected Software

Affected Software

Detection Method

Detection Method

Solution

Solution

Common Vulnerabilities and Exposures (CVE)

References