CVE-2011-0037

Summary

Microsoft Malware Protection Engine before 1.1.6603.0, as used in Microsoft Malicious Software Removal Tool (MSRT), Windows Defender, Security Essentials, Forefront Client Security, Forefront Endpoint Protection 2010, and Windows Live OneCare, allows local users to gain privileges via a crafted value of an unspecified user registry key.

Impact & exploitability

AV:L/AC:L/Au:N/C:C/I:C/A:C

Affected products we track (2)

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information

• NVD record
• http://secunia.com/advisories/43468Advisory
• http://www.microsoft.com/technet/security/advisory/2491888.mspxAdvisory
• http://www.vupen.com/english/advisories/2011/0486Advisory
• http://securitytracker.com/id?1025117
• http://www.securityfocus.com/bid/46540
• https://exchange.xforce.ibmcloud.com/vulnerabilities/65626