Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution – Version: 1.0

Severity Rating:
Revision Note: V1.0 (May 14, 2013): Advisory published.
Summary: Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take complete control of the system.

Leave a Reply