Microsoft fixes hole in its antivirus engine

Vulnerability is addressed in update for Microsoft Malware Protection Engine, an update that'll be automatically applied to most systems.

Microsoft has plugged a hole in its antivirus and antispyware software that could allow an attacker authenticated on the local system to gain LocalSystem privileges.

The fix for the privilege escalation vulnerability is included in an update to the Microsoft Malware Protection Engine. Since the malware protection updates are automatically applied, most end users and administrators won't need to do anything, Microsoft said in its advisory, issued yesterday. The update should be applied within 48 hours of the advisory release, or by the weekend.

The vulnerability is rated "important" for Windows Live OneCare, Microsoft Security Essentials, Windows Defender, Microsoft Malicious Software Removal tool, Forefront Client Security, and Forefront Endpoint Protection 2010.

"The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid log-on credentials has created a specially crafted registry key," the advisory says. "An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users."

Workstations and terminal servers are primarily at risk, Microsoft said.

About the author

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press. E-mail Elinor.

 

Join the discussion

Conversation powered by Livefyre

Don't Miss
Hot Products
Trending on CNET

TechProbe Volunteers Wanted: Huawei Mate 7

Your chance to test drive and keep the Huawei Mate 7 phone

Tell us about the technology you're using right now, and how a smartphone could help you in your professional life.