Vulnerabilities > CVE-2019-1255 - Unspecified vulnerability in Microsoft products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
A denial of service vulnerability exists when Microsoft Defender improperly handles files, aka 'Microsoft Defender Denial of Service Vulnerability'.
Vulnerable Configurations
Nessus
| NASL family | Windows |
| NASL id | MICROSOFT_MALWARE_PROTECTION_ENGINE_1_1_16400_2.NASL |
| description | An elevation of privilege vulnerability exists in Microsoft Malware Protection Engine due to improper file handling. An authenticated, remote attacker can exploit this, to gain elevated privileges. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 130091 |
| published | 2019-10-21 |
| reporter | This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
| source | https://www.tenable.com/plugins/nessus/130091 |
| title | Microsoft Malware Protection Engine Elevation of Privilege Vulnerability |
The Hacker News
| id | THN:AB828E4EB75F9C7BC37B672D9FD0092E |
| last seen | 2019-09-24 |
| modified | 2019-09-24 |
| published | 2019-09-24 |
| reporter | The Hacker News |
| source | https://thehackernews.com/2019/09/windows-update-zero-day.html |
| title | Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw |